2022 ? 007 (Previously 2021-003) Subrecipient Monitoring (Significant Deficiency and Noncompliance) Federal Agency: U.S. Department of Treasury Federal Program Name: Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number: 21.027 Federal Award Identification Number and Year: Pub. L. No. 117-2-2021 Award Period: 5/10/2021 - 12/31/2026 Type of Finding: ? Significant Deficiency in Internal Control over Compliance, Other Matters Criteria or specific requirement: According to ? 200.303 Internal controls of 2 CFR Part 200, the non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. According to ? 200.332 Requirements for pass-through entities of 2 CFR Part 200, all pass-through entities must: ? Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. ? Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501. ? Consider whether the results of the subrecipient's audits, on-site reviews, or other monitoring indicate conditions that necessitate adjustments to the pass-through entity's own records. According to the City's subrecipient monitoring policies and procedures, monitoring of subrecipients shall be conducted as often as may be required at the discretion of the Community Development Division or at least once per program year. An annual Risk Assessment will be completed to determine a ranking for the activity. The Risk Assessment ranking score will determine whether a monitoring review will occur. Condition: During our testing, it was noted that the City did not follow federal subrecipient monitoring and management regulation nor its subrecipient monitoring policies and procedures. Questioned costs: None 2022 ? 007 (Previously 2021-003) Subrecipient Monitoring (Significant Deficiency and Noncompliance) (Continued) Context: During our testing, we noted the following exceptions: ? For 2 of 4 subrecipients, the City did not utilize the risk assessment tool specific to ARPA which does have a different risk assessment ranking score determining the monitoring of the subrecipient. The City did, however, perform a monitoring visit for the subrecipients. ? For 1 of 4 subrecipients, the City did not utilize the risk assessment tool specific to ARPA. The City utilized the AGA Risk Assessment Monitoring Tool. We noted the following exceptions. ? According to the Introduction of the AGA Risk Assessment Monitoring Tool, while the risk assessment monitoring tool may be useful in supplementing existing tools, it is not intended to replace any risk assessment tools that may already be in use by monitoring agencies. Further, the City omitted the Programmatic Assessment of the AGA Risk Assessment Monitoring Tool. ? According to the Introduction of the AGA Risk Assessment Monitoring Tool, in using the risk assessment tool, monitoring agencies are encouraged to develop applicable risk factors to evaluate programmatic compliance risk and should use professional judgment in developing a weighted scoring system for each component of the assessment. The City did not develop a weighted scoring system for each component of the assessment. ? No evidence of approval of the AGA Risk Assessment Monitoring Tool. ? In the Monitoring/Audit Assessment section of the AGA Risk Assessment Monitoring Tool, the City marked all N/A based on a response of the subrecipient has not needed to complete a single audit in the past. However, the subrecipient did have a single audit for the fiscal year end date of 12/31/2020 with the Federal Audit Clearinghouse receiving the audit report on 5/27/2021. No review of the single audit by the City. Management?s Progress for Repeat Findings: The City Controller reviewed the listing of subrecipient risk assessments for 2022 and the listing was determined to be complete. The City will update the subrecipient monitoring policies and procedures ad provide training to the departments. Cause: The City failed to follow federal subrecipient monitoring and management regulation nor its subrecipient monitoring policies and procedures. Repeat Finding: 2021-003 Effect: The auditor noted instances of noncompliance. Noncompliance results in subrecipients' noncompliance with federal statutes, regulations, and the terms and conditions of the subaward. Recommendation: We recommend the City design controls to ensure compliance with federal subrecipient monitoring and management regulation and its subrecipient monitoring policies and procedures. Management Response: Management agrees with the finding. The City will develop standard City-wide subrecipient management policies and procedures including risk assessment and monitoring tools. Additionally, any federal program with two or more City departments managing subrecipients will use the same subrecipient tools to ensure consistency. Timeline and Responsible Position: June 2023 ? City Controller/DFAS Deputy Director
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Cluster: Research and Development Federal Agency: All awards with subrecipients on the SEFA Award Names: All awards with subrecipients on the SEFA Award Numbers: All awards with subrecipients on the SEFA Assistance Listing Title: All awards with subrecipients on the SEFA Assistance Listing Number: All awards with subrecipients on the SEFA Award Year: 2021 - 2022 Pass-through entity: All pass-through entities noted on the SEFA Criteria 2 CFR 200.332 notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. Further, Uniform Guidance 2 CFR section 200.331(f) requires that the entity verify that every subrecipient is audited as required by Subpart F? Audit Requirements when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501 Audit requirements ($750,000). Condition In testing conformity with the compliance requirements for subrecipient monitoring, we selected 7 of the 61 Research and Development subrecipient agreements and the one Opioid STR subrecipient agreement from the detailed listings provided for testing. The total federal funds passed through to subrecipients in FY22 amounted to $3.5 million for the Research & Development Cluster, and $24,500 for the Opioid STR program. For all of our selections, the most recent audit report was not reviewed for purposes of ongoing monitoring as required by the Uniform Guidance. The Health System has a risk assessment form that is completed at contract inception for its subrecipients; however, the risk assessment is not reassessed annually for all subrecipients. The most recent risk assessment form was conducted in 2018 for 2 selections, in 2019 for 2 selections, in 2020 for 2 selections and in 2021 for 2 selections. We further noted that 7 of the 8 risk assessment forms selected for testing did not include explicit documentation detailing the subrecipient audit report review (such as what year was reviewed, what were the results of the review, etc.). Additionally, for one selection, the initial subrecipient risk assessment form was reviewed after the subrecipient award agreement was executed. Cause The Health System?s subrecipient policy does not explicitly state the ongoing monitoring activities that must be conducted or the frequency of required monitoring. For instance, the policy does not outlinemonitoring activities that are required for all subrecipients. Additionally, the risk assessment form does not prescribe the details of the subrecipient audit report review that should be documented. Effect The subrecipients of the Health System may have audit findings pertaining to the Federal award provided from the Health System that may have implications on the compliance of the Health System with Uniform Guidance. Additionally, there may be changes in the risk characteristics of subrecipients that are not identified if risk assessments are not periodically updated. Questioned Costs None noted. Recommendation We recommend that he Health System update its subrecipient monitoring policy to reflect all monitoring compliance requirements of the Uniform Guidance. In particular, the policy should require the receipt of the Uniform Guidance report from all subrecipients that expended $750,000 or more in federal awards during the subrecipient?s fiscal year (or the receipt of the subrecipient?s latest financial statements if not) at contract inception. Any audit findings pertaining to the Federal award should be followed up on by the Health System and a management decision should be issued. This Policy should be distributed and adhered to by all that have a role in the subrecipient monitoring process of the Health System. Management?s Views and Corrective Action Plan Management?s response is included in ?Management?s Views and Corrective Action Plan? included at the end of this report after the summary schedule of status of prior audit findings.
Program: Housing Voucher Cluster Assistance Listing No.: 14.871, 14.879 Federal Agency: U.S. Department of Housing and Urban Development Passed-through: n/a ? direct award Award Number and Year: CA131, 2021/2022 Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance, Material Noncompliance Criteria: 2 CFR 200.331(a) establishes the required elements that the pass-through entity (County) must include in their subrecipient agreements. 2 CFR 200.331(b) establishes the requirement that the pass-through entity must evaluate the risk of noncompliance with Federal statutes, regulations, and terms and conditions of the program for each subaward for the purpose of determining the appropriate subrecipient monitoring activities. 2 CFR 200.331(d) and 2 CFR 200.331(e) establishes the requirement that the pass-through entity must monitor the activities of each subrecipient of program funds to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward and achieves performance goals. 2 CFR 200.331(d) requires that the monitoring activities must include: 1) Reviewing of financial and performance reports as required by the pass-through entity. 2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. 3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ?200.521 Management decision. 2 CRF 200.331(f) establishes the requirement for the pass-through entity to verify whether the subrecipient is subject to a single audit when the subrecipient?s expenditures are expected to exceed the threshold set forth in 2 CRF 200.501. Condition: In 1 out of 1 instance selected, we found that the subrecipient agreement did not contain the federal award identification elements required to be communicated by the County. We found that the County did not have documented policies or procedures for the evaluation of the subrecipient?s risk of noncompliance with program requirements prior to awarding the subrecipient contract. We also found that the County did not have documented monitoring procedures to be followed based on the assessed level of risk of noncompliance. Furthermore, the County did not have documented procedures to verify whether the subrecipient was subject to a single audit. As a result, we found that in 1 out of 1 instance selected, a documented assessment of the subrecipient?s risk of noncompliance was not performed. In this same instance, a documented review of whether the subrecipient was subject to a single audit was also not performed. Cause: The County did not have documented policies and procedures over subrecipient monitoring to ensure that the required risk assessments and monitoring procedures were performed. The County?s subrecipient contracting procedures also did not require the inclusion of the required elements. Effect: The County did not include all the required elements in their subawards and did not perform appropriate monitoring procedures over the subrecipients. Questioned Costs: No known questioned costs identified. Context/Sampling: We selected 100% of the County?s subrecipients of the program. Repeat Finding from Prior Year(s): Yes, prior year finding 2021-004. Recommendation: We recommend that the County establish documented policies and procedures over subrecipient monitoring, including a documented risk assessment, monitoring procedures, and contract reviews. Views of Responsible Officials: Management agrees with the finding. See separate corrective action plan.
Program: Housing Voucher Cluster Assistance Listing No.: 14.871, 14.879 Federal Agency: U.S. Department of Housing and Urban Development Passed-through: n/a ? direct award Award Number and Year: CA131, 2021/2022 Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance, Material Noncompliance Criteria: 2 CFR 200.331(a) establishes the required elements that the pass-through entity (County) must include in their subrecipient agreements. 2 CFR 200.331(b) establishes the requirement that the pass-through entity must evaluate the risk of noncompliance with Federal statutes, regulations, and terms and conditions of the program for each subaward for the purpose of determining the appropriate subrecipient monitoring activities. 2 CFR 200.331(d) and 2 CFR 200.331(e) establishes the requirement that the pass-through entity must monitor the activities of each subrecipient of program funds to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward and achieves performance goals. 2 CFR 200.331(d) requires that the monitoring activities must include: 1) Reviewing of financial and performance reports as required by the pass-through entity. 2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. 3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ?200.521 Management decision. 2 CRF 200.331(f) establishes the requirement for the pass-through entity to verify whether the subrecipient is subject to a single audit when the subrecipient?s expenditures are expected to exceed the threshold set forth in 2 CRF 200.501. Condition: In 1 out of 1 instance selected, we found that the subrecipient agreement did not contain the federal award identification elements required to be communicated by the County. We found that the County did not have documented policies or procedures for the evaluation of the subrecipient?s risk of noncompliance with program requirements prior to awarding the subrecipient contract. We also found that the County did not have documented monitoring procedures to be followed based on the assessed level of risk of noncompliance. Furthermore, the County did not have documented procedures to verify whether the subrecipient was subject to a single audit. As a result, we found that in 1 out of 1 instance selected, a documented assessment of the subrecipient?s risk of noncompliance was not performed. In this same instance, a documented review of whether the subrecipient was subject to a single audit was also not performed. Cause: The County did not have documented policies and procedures over subrecipient monitoring to ensure that the required risk assessments and monitoring procedures were performed. The County?s subrecipient contracting procedures also did not require the inclusion of the required elements. Effect: The County did not include all the required elements in their subawards and did not perform appropriate monitoring procedures over the subrecipients. Questioned Costs: No known questioned costs identified. Context/Sampling: We selected 100% of the County?s subrecipients of the program. Repeat Finding from Prior Year(s): Yes, prior year finding 2021-004. Recommendation: We recommend that the County establish documented policies and procedures over subrecipient monitoring, including a documented risk assessment, monitoring procedures, and contract reviews. Views of Responsible Officials: Management agrees with the finding. See separate corrective action plan.
Program: Emergency Rental Assistance Program Assistance Listing No.: 21.023 Federal Agency: U.S. Department of the Treasury Passed-through: n/a ? direct award Award Number and Year: Not Applicable, 2021/2022 Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance, Material Noncompliance Criteria: 2 CFR 200.331(a) establishes the required elements that the pass-through entity (County) must include in their subrecipient agreements. 2 CFR 200.331(b) establishes the requirement that the pass-through entity must evaluate the risk of noncompliance with Federal statutes, regulations, and terms and conditions of the program for each subaward for the purpose of determining the appropriate subrecipient monitoring activities. 2 CFR 200.331(d) and 2 CFR 200.331(e) establishes the requirement that the pass-through entity must monitor the activities of each subrecipient of program funds to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward and achieves performance goals. 2 CFR 200.331(d) requires that the monitoring activities must include: 1. Reviewing of financial and performance reports as required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. 3. Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ?200.521 Management decision. 2 CRF 200.331(f) establishes the requirement for the pass-through entity to verify whether the subrecipient is subject to a single audit when the subrecipient?s expenditures are expected to exceed the threshold set forth in 2 CRF 200.501. Condition: In 1 out of 1 instance selected, we found that the subrecipient agreement did not contain the federal award identification elements required to be communicated by the County. We found that the County did not have documented policies or procedures for the evaluation of the subrecipient?s risk of noncompliance with program requirements prior to awarding the subrecipient contract. We also found that the County did not have documented monitoring procedures to be followed based on the assessed level of risk of noncompliance. Furthermore, the County did not have documented procedures to verify whether the subrecipient was subject to a single audit. As a result, we found that in 1 out of 1 instance selected, a documented assessment of the subrecipient?s risk of noncompliance was not performed. In this same instance, a documented review of whether the subrecipient was subject to a single audit was also not performed. Cause: The County did not have documented policies and procedures over subrecipient monitoring to ensure that the required risk assessments and monitoring procedures were performed. The County?s subrecipient contracting procedures also did not require the inclusion of the required elements. Effect: The County did not include all the required elements in their subawards and did not perform appropriate monitoring procedures over the subrecipients. Questioned Costs: None noted. Context/Sampling: We selected 100% of the County?s subrecipients of the program. $6,177,719 was paid to the subrecipient during the fiscal year. Repeat Finding from Prior Year: No. Recommendation: We recommend that the County establish documented policies and procedures over subrecipient monitoring, including a documented risk assessment, monitoring procedures, and contract reviews. Views of Responsible Officials: Management agrees with the finding. See separate corrective action plan.
Subrecipient Monitoring 2022-007 GENERAL INFORMATION: Grant Title: COVID-19 Coronavirus State and Local Fiscal Recovery Funds Federal Award Number: Assistance Listing #: 21.027 Federal Agency: Department of the Treasury CONDITION: We noted during our audit that the Randolph County Commission failed to properly monitor subrecipients. Specifically, there was no assurance that the allocated funds sent were expensed by the subrecipients. CRITERIA: 'Proper internal control over federal awards passed to subrecipients requires the establishment and maintenance of an effective system to provide reasonable assurance that the subrecipient is managing the federal award in compliance with federal statues, regulations, and terms and conditions of the federal award. 2 CFR Part 200.332 states, in part, that: "(a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes:(1) Federal award identification. (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in ? 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x)Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi)Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii)Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; (xiii) Identification of whether the award is R&D; and (xiv)Indirect cost rate for the Federal award (including if the de minimis rate is charged) per ? 200.414. (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient in order for the pass-through entity to meet its own responsibility to the Federal awarding agency including identification of any required financial and performance reports; (4) (i) An approved federally recognized indirect cost rate negotiated between the subrecipient and the Federal Government. If no approved rate exists, the pass-through entity must determine the appropriate rate in collaboration with the subrecipient, which is either: (A) The negotiated indirect cost rate between the pass-through entity and the subrecipient; which can be based on a prior negotiated rate between a different PTE and the same subrecipient. If basing the rate on a previously negotiated rate, the pass-through entity is not required to collect information justifying this rate, but may elect to do so; (B) The de minimis indirect cost rate. (4) (ii) The pass-through entity must not require use of a de minimis indirect cost rate if the subrecipient has a Federally approved rate. Subrecipients can elect to use the cost allocation method to account for indirect costs in accordance with ? 200.405(d). (5) A requirement that the subrecipient permit the pass-through entity and auditors to have access to the subrecipient's records and financial statements as necessary for the pass-through entity to meet the requirements of this part; and (6) Appropriate terms and conditions concerning closeout of the subaward. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).... (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by ?200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section ?200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward.... (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ?200.501. (g) Consider whether the results of the subrecipient's audits, on-site reviews, or other monitoring indicate conditions that necessitate adjustments to the pass-through entity's own records." QUESTIONED COSTS: $163,617 CONTEXT: Disbursements totaling $163,617 were made to subrecipients without activities being monitored to ensure expenditures of the subaward were being used for authorized purposes and in accordance with the grant guidelines. CAUSE: The Randolph County Commission did not have procedures in place to ensure subrecipient monitoring requirements were performed. EFFECT: Failure to properly monitor subrecipients increases the likelihood of errors or irregularities not being prevented or detected in a timely manner. Additionally, the risk of unallowable activities and unallowable costs is significantly increased. Management failed to comply with all applicable, material compliance requirements of the grant agreement. REPEAT FINDING: Yes PRIOR YEAR FINDING NUMBER: 2021-002 RECOMMENDATION: The Randolph County Commission is directed to review these regulations and comply with the provisions set forth therein. VIEWS OF RESPONSIBLE OFFICIALS AND PLANNED CORRECTIVE ACTIONS: We will comply and monitor subrecipient spending going forward.
Criteria: Single Audits under 2 CFR Part 200 Subpart F 200.501? Audit Requirements are required to be submitted through the Federal Clearinghouse nine months from the recipient?s year end. Condition: For the third year in a row the County has not been able to begin the audit early enough to meet the nine-month submission deadline. Cause and Effect: The County has been unable to close the financial records and submit the required information to the auditors in a timely manner, resulting in noncompliance. Repeat Finding: No Recommendation: We recommend that the County submit the required information to the auditors in a timely manner in an effort to meet this deadline. To achieve this goal, it may require the County to either increase staffing levels or hire a consultant.
Criteria: Single Audits under 2 CFR Part 200 Subpart F 200.501? Audit Requirements are required to be submitted through the Federal Clearinghouse nine months from the recipient?s year end. Condition: For the third year in a row the County has not been able to begin the audit early enough to meet the nine-month submission deadline. Cause and Effect: The County has been unable to close the financial records and submit the required information to the auditors in a timely manner, resulting in noncompliance. Repeat Finding: No Recommendation: We recommend that the County submit the required information to the auditors in a timely manner in an effort to meet this deadline. To achieve this goal, it may require the County to either increase staffing levels or hire a consultant.
Criteria: Single Audits under 2 CFR Part 200 Subpart F 200.501? Audit Requirements are required to be submitted through the Federal Clearinghouse nine months from the recipient?s year end. Condition: For the third year in a row the County has not been able to begin the audit early enough to meet the nine-month submission deadline. Cause and Effect: The County has been unable to close the financial records and submit the required information to the auditors in a timely manner, resulting in noncompliance. Repeat Finding: No Recommendation: We recommend that the County submit the required information to the auditors in a timely manner in an effort to meet this deadline. To achieve this goal, it may require the County to either increase staffing levels or hire a consultant.
Criteria: Single Audits under 2 CFR Part 200 Subpart F 200.501? Audit Requirements are required to be submitted through the Federal Clearinghouse nine months from the recipient?s year end. Condition: For the third year in a row the County has not been able to begin the audit early enough to meet the nine-month submission deadline. Cause and Effect: The County has been unable to close the financial records and submit the required information to the auditors in a timely manner, resulting in noncompliance. Repeat Finding: No Recommendation: We recommend that the County submit the required information to the auditors in a timely manner in an effort to meet this deadline. To achieve this goal, it may require the County to either increase staffing levels or hire a consultant.
Reference Number: 2022-024 Prior Year Finding: 2021-024 Federal Agency: U.S. Department of Health and Human Services State Department Name: Department of Health and Social Services State Division Name: Division of Substance Abuse and Mental Health Federal Program: Block Grants for Prevention and Treatment of Substance Abuse, COVID-10 - Block Grants for Prevention and Treatment of Substance Abuse Assistance Listing Number: 93.959 Award Number and Year: B08TI083060 (10/1/2019 ? 9/30/2021), B08TI083488 (10/1/2020 ? 9/30/2022) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or specific requirement: Compliance: 2 CFR ?200.332 - Requirements for Pass-Through Entities states in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (b) Evaluate each subrecipient?s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient?s prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F - Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521 Management decision. (e) Depending upon the pass-through entity?s assessment of risk posed by the subrecipient (as described in paragraph (b) of this section), the following monitoring tools may be useful for the pass-through entity to ensure proper accountability and compliance with program requirements and achievement of performance goals: (1) Providing subrecipients with training and technical assistance on program-related matters; and (2) Performing on-site reviews of the subrecipient?s program operations; (3) Arranging for agreed-upon-procedures engagements as described in ? 200.425 Audit services. (f) Verify that every subrecipient is audited as required by Subpart F - Audit Requirements of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501 Audit requirements. Control: Per 2 CFR Section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in ?Standards for Internal Control in the Federal Government? issued by the Comptroller General of the United States or the ?Internal Control Integrated Framework?, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Division was not able to provide support that it furnished required information to its subrecipients at the time of subaward, monitored its subrecipients, or ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F ? Audit Requirements (Subpart F). Context: Exceptions were noted in four of eight subrecipients selected for testing (exceptions listed include multiple exceptions for some subrecipients): ? Four of eight subrecipient agreements were missing the following required information: Subrecipient?s Unique Identifier, Federal Award Identification Number (FAIN), Federal Award Date, Federal Award Project Description, Assistance Listing Number and Title. ? For one of eight subrecipients, the Division was unable to provide support that it ensured the subrecipient was audited as required by Subpart F. The Division could not produce evidence of verification that the subrecipient?s Federal awards expended during the fiscal year were below the threshold set forth in ? 200.501 Audit requirements. ? For four of eight subrecipients, the Division was unable to provide support that it conducted during the award monitoring as required by the Division?s policies and procedures. Questioned costs: Undetermined. Cause: The Division did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Not conducting during the award monitoring may result in a failure of the Division to detect that its subrecipients used subawards for unauthorized purposes, managed them in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Division personnel on a timely basis. Recommendation: The Division should review and enhance internal controls and procedures to ensure that all required information is included in all subawards and provided to the subrecipients, that proper subrecipient monitoring is conducted, and that evaluation of independent audits is performed. Views of responsible officials: The Division has been working to implement corrective action, as this was a prior finding. The implementation timeline overlapped into the current audit period. DSAMH continues to reevaluate its current process and to enhance internal controls and procedures to ensure that all required information is included in all subawards and provided to the subrecipients, also that proper subrecipient monitoring is conducted, and that evaluation of independent audits is performed.
Reference Number: 2022-024 Prior Year Finding: 2021-024 Federal Agency: U.S. Department of Health and Human Services State Department Name: Department of Health and Social Services State Division Name: Division of Substance Abuse and Mental Health Federal Program: Block Grants for Prevention and Treatment of Substance Abuse, COVID-10 - Block Grants for Prevention and Treatment of Substance Abuse Assistance Listing Number: 93.959 Award Number and Year: B08TI083060 (10/1/2019 ? 9/30/2021), B08TI083488 (10/1/2020 ? 9/30/2022) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or specific requirement: Compliance: 2 CFR ?200.332 - Requirements for Pass-Through Entities states in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (b) Evaluate each subrecipient?s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient?s prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F - Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521 Management decision. (e) Depending upon the pass-through entity?s assessment of risk posed by the subrecipient (as described in paragraph (b) of this section), the following monitoring tools may be useful for the pass-through entity to ensure proper accountability and compliance with program requirements and achievement of performance goals: (1) Providing subrecipients with training and technical assistance on program-related matters; and (2) Performing on-site reviews of the subrecipient?s program operations; (3) Arranging for agreed-upon-procedures engagements as described in ? 200.425 Audit services. (f) Verify that every subrecipient is audited as required by Subpart F - Audit Requirements of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501 Audit requirements. Control: Per 2 CFR Section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in ?Standards for Internal Control in the Federal Government? issued by the Comptroller General of the United States or the ?Internal Control Integrated Framework?, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Division was not able to provide support that it furnished required information to its subrecipients at the time of subaward, monitored its subrecipients, or ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F ? Audit Requirements (Subpart F). Context: Exceptions were noted in four of eight subrecipients selected for testing (exceptions listed include multiple exceptions for some subrecipients): ? Four of eight subrecipient agreements were missing the following required information: Subrecipient?s Unique Identifier, Federal Award Identification Number (FAIN), Federal Award Date, Federal Award Project Description, Assistance Listing Number and Title. ? For one of eight subrecipients, the Division was unable to provide support that it ensured the subrecipient was audited as required by Subpart F. The Division could not produce evidence of verification that the subrecipient?s Federal awards expended during the fiscal year were below the threshold set forth in ? 200.501 Audit requirements. ? For four of eight subrecipients, the Division was unable to provide support that it conducted during the award monitoring as required by the Division?s policies and procedures. Questioned costs: Undetermined. Cause: The Division did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Not conducting during the award monitoring may result in a failure of the Division to detect that its subrecipients used subawards for unauthorized purposes, managed them in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Division personnel on a timely basis. Recommendation: The Division should review and enhance internal controls and procedures to ensure that all required information is included in all subawards and provided to the subrecipients, that proper subrecipient monitoring is conducted, and that evaluation of independent audits is performed. Views of responsible officials: The Division has been working to implement corrective action, as this was a prior finding. The implementation timeline overlapped into the current audit period. DSAMH continues to reevaluate its current process and to enhance internal controls and procedures to ensure that all required information is included in all subawards and provided to the subrecipients, also that proper subrecipient monitoring is conducted, and that evaluation of independent audits is performed.
Reference Number: 2022-029 Prior Year Finding: 2021-027 Federal Agency: U.S. Department Homeland Security State Department Name: Department of Safety and Homeland Security, Federal Emergency Management Agency (FEMA) State Division Name: Delaware Emergency Management Agency (DEMA) Federal Program: Disaster Grants - Public Assistance (Presidentially Declared Disasters), COVID-19 ? Disaster Grants ? Public Assistance (Presidentially Declared Disasters) Assistance Listing Number: 97.036 Award Number and Year: 4526-DR-DE (2022), 4566-DR-DE (2022), 4627-DR-DE (2022) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or specific requirement: Compliance: 2 CFR ?200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: (1) Federal Award Identification (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient?s unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in ? 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521 Management decision. (f) Verify that every subrecipient is audited as required by Subpart F - Audit Requirements of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501 Audit requirements. Control: Per 2 CFR Section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in ?Standards for Internal Control in the Federal Government? issued by the Comptroller General of the United States or the ?Internal Control Integrated Framework?, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: DEMA did not furnish all required information to its subrecipients at the time of issuance of the subawards. Further, DEMA was not able to provide support that it monitored the activities of its subrecipients to ensure that the subawards were used for authorized purposes, nor that it ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F ? Audit Requirements (Subpart F). Context: ? For five of five subrecipients, the following required information was not provided to the subrecipient at the time of award issuance: Federal Award Identification (FAIN), Federal award date, subaward budget period start and end date, Federal award project description as required by FFATA, name of Federal awarding agency, and Assistance Listing number and title. ? For five of five subrecipients, DEMA was unable to provide support that it monitored the activities of its subrecipients during the fiscal year to ensure that the subawards were used for authorized purposes. ? For three of five subrecipients, DEMA was unable to provide support that it ensured the subrecipients were audited as required by Subpart F. DEMA could not produce evidence of verification that the subrecipient?s Federal awards expended during the fiscal year were below the threshold set forth in ? 200.501 Audit requirements. Questioned costs: Undetermined. Cause: DEMA did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Not conducting during the award monitoring may result in a failure to detect that subrecipients used subawards for unauthorized purposes, managed them in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. Without ensuring subrecipients have obtained audits as required by Subpart F there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by agency personnel on a timely basis. Recommendation: DEMA should review and enhance internal controls and procedures to ensure that all required information is included in all subawards, that subrecipients are properly monitored, and that evaluation of independent audits is performed. Views of responsible officials: A contractor has been assigned to develop and implement internal controls to ensure all required information is included in all subawards, that subrecipients are properly monitored, and that evaluation of independent audits is performed. Subaward letters were updated in September 2022 and a monitoring protocol implemented to begin monitoring all subrecipients to date to include an evaluation of independent audits that is documented as part of the monitoring visit.
Reference Number: 2022-029 Prior Year Finding: 2021-027 Federal Agency: U.S. Department Homeland Security State Department Name: Department of Safety and Homeland Security, Federal Emergency Management Agency (FEMA) State Division Name: Delaware Emergency Management Agency (DEMA) Federal Program: Disaster Grants - Public Assistance (Presidentially Declared Disasters), COVID-19 ? Disaster Grants ? Public Assistance (Presidentially Declared Disasters) Assistance Listing Number: 97.036 Award Number and Year: 4526-DR-DE (2022), 4566-DR-DE (2022), 4627-DR-DE (2022) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or specific requirement: Compliance: 2 CFR ?200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: (1) Federal Award Identification (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient?s unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in ? 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521 Management decision. (f) Verify that every subrecipient is audited as required by Subpart F - Audit Requirements of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501 Audit requirements. Control: Per 2 CFR Section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in ?Standards for Internal Control in the Federal Government? issued by the Comptroller General of the United States or the ?Internal Control Integrated Framework?, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: DEMA did not furnish all required information to its subrecipients at the time of issuance of the subawards. Further, DEMA was not able to provide support that it monitored the activities of its subrecipients to ensure that the subawards were used for authorized purposes, nor that it ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F ? Audit Requirements (Subpart F). Context: ? For five of five subrecipients, the following required information was not provided to the subrecipient at the time of award issuance: Federal Award Identification (FAIN), Federal award date, subaward budget period start and end date, Federal award project description as required by FFATA, name of Federal awarding agency, and Assistance Listing number and title. ? For five of five subrecipients, DEMA was unable to provide support that it monitored the activities of its subrecipients during the fiscal year to ensure that the subawards were used for authorized purposes. ? For three of five subrecipients, DEMA was unable to provide support that it ensured the subrecipients were audited as required by Subpart F. DEMA could not produce evidence of verification that the subrecipient?s Federal awards expended during the fiscal year were below the threshold set forth in ? 200.501 Audit requirements. Questioned costs: Undetermined. Cause: DEMA did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Not conducting during the award monitoring may result in a failure to detect that subrecipients used subawards for unauthorized purposes, managed them in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. Without ensuring subrecipients have obtained audits as required by Subpart F there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by agency personnel on a timely basis. Recommendation: DEMA should review and enhance internal controls and procedures to ensure that all required information is included in all subawards, that subrecipients are properly monitored, and that evaluation of independent audits is performed. Views of responsible officials: A contractor has been assigned to develop and implement internal controls to ensure all required information is included in all subawards, that subrecipients are properly monitored, and that evaluation of independent audits is performed. Subaward letters were updated in September 2022 and a monitoring protocol implemented to begin monitoring all subrecipients to date to include an evaluation of independent audits that is documented as part of the monitoring visit.
Program: Foster Care Federal Financial Assistance Listing Number: 93.658 Federal Grantor: U.S. Department of Health and Human Services Pass-Through: California Department of Social Services Award No. and Year: 2201CAFOST and 2022, 2101CAFOST and 2021 Compliance Requirements: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance and Material Noncompliance Criteria: In accordance with Title 2 U.S. Code of Federal Regulations (CFR) 200.332, pass-through entities must comply with the following: ? 2 CFR 200.332(d)- Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include the information at 2 CFR 200.332(d)(1) through (4). ? 2 CFR 200.332(f) ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 200.501. The California Department of Social Services further clarifies in its County Fiscal Letter No. 21/22 ? 115 that Foster Family Agency (FFA), Group Home, and Short Term Residential Therapeutic Programs (STRTP) are ?considered subrecipients and subject to the same audit requirements and require the same degree of oversight as other subrecipients?. Further, while there are some licensing and oversight functions performed by the state over FFAs, group homes, and STRTPs, ?counties are still ultimately responsible for review of these audits and their findings, any follow-up to ensure compliance, and any other form of monitoring and oversight required by federal and state laws and regulations.? Condition: The County did not have any formal controls or procedures in place for subrecipient monitoring for the Foster Care program. Cause: The County did not maintain procedures to monitor the activities of each subrecipient, or verify that every subrecipient is audited, as required. Effect: The County did not maintain policies and procedures to align with the Subrecipient Monitoring requirements in 2 CFR 200.332 and did not comply with subrecipient monitoring requirements related to the program. Questioned Costs: No questioned costs were identified as a result of our procedures. Context/Sampling: A nonstatistical sample of eight (8) out of 53 subrecipients were sampled, which included six (6) FFA, and two (2) STRTP types. The condition noted above was identified during our procedures related to subrecipient monitoring, and was pervasive to the program. Repeat Findings from Prior Years: No. Recommendation: We recommend that the County implement policies and procedures in accordance with 2 CFR 200.332 to ensure compliance with subrecipient monitoring requirements. Views of Responsible Officials: Management agrees. See separately issued Corrective Action Plan.
Program: Foster Care Federal Financial Assistance Listing Number: 93.658 Federal Grantor: U.S. Department of Health and Human Services Pass-Through: California Department of Social Services Award No. and Year: 2201CAFOST and 2022, 2101CAFOST and 2021 Compliance Requirements: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance and Material Noncompliance Criteria: In accordance with Title 2 U.S. Code of Federal Regulations (CFR) 200.332, pass-through entities must comply with the following: ? 2 CFR 200.332(d)- Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include the information at 2 CFR 200.332(d)(1) through (4). ? 2 CFR 200.332(f) ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 200.501. The California Department of Social Services further clarifies in its County Fiscal Letter No. 21/22 ? 115 that Foster Family Agency (FFA), Group Home, and Short Term Residential Therapeutic Programs (STRTP) are ?considered subrecipients and subject to the same audit requirements and require the same degree of oversight as other subrecipients?. Further, while there are some licensing and oversight functions performed by the state over FFAs, group homes, and STRTPs, ?counties are still ultimately responsible for review of these audits and their findings, any follow-up to ensure compliance, and any other form of monitoring and oversight required by federal and state laws and regulations.? Condition: The County did not have any formal controls or procedures in place for subrecipient monitoring for the Foster Care program. Cause: The County did not maintain procedures to monitor the activities of each subrecipient, or verify that every subrecipient is audited, as required. Effect: The County did not maintain policies and procedures to align with the Subrecipient Monitoring requirements in 2 CFR 200.332 and did not comply with subrecipient monitoring requirements related to the program. Questioned Costs: No questioned costs were identified as a result of our procedures. Context/Sampling: A nonstatistical sample of eight (8) out of 53 subrecipients were sampled, which included six (6) FFA, and two (2) STRTP types. The condition noted above was identified during our procedures related to subrecipient monitoring, and was pervasive to the program. Repeat Findings from Prior Years: No. Recommendation: We recommend that the County implement policies and procedures in accordance with 2 CFR 200.332 to ensure compliance with subrecipient monitoring requirements. Views of Responsible Officials: Management agrees. See separately issued Corrective Action Plan.
Program: Foster Care Federal Financial Assistance Listing Number: 93.658 Federal Grantor: U.S. Department of Health and Human Services Pass-Through: California Department of Social Services Award No. and Year: 2201CAFOST and 2022, 2101CAFOST and 2021 Compliance Requirements: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance and Material Noncompliance Criteria: In accordance with Title 2 U.S. Code of Federal Regulations (CFR) 200.332, pass-through entities must comply with the following: ? 2 CFR 200.332(d)- Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include the information at 2 CFR 200.332(d)(1) through (4). ? 2 CFR 200.332(f) ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 200.501. The California Department of Social Services further clarifies in its County Fiscal Letter No. 21/22 ? 115 that Foster Family Agency (FFA), Group Home, and Short Term Residential Therapeutic Programs (STRTP) are ?considered subrecipients and subject to the same audit requirements and require the same degree of oversight as other subrecipients?. Further, while there are some licensing and oversight functions performed by the state over FFAs, group homes, and STRTPs, ?counties are still ultimately responsible for review of these audits and their findings, any follow-up to ensure compliance, and any other form of monitoring and oversight required by federal and state laws and regulations.? Condition: The County did not have any formal controls or procedures in place for subrecipient monitoring for the Foster Care program. Cause: The County did not maintain procedures to monitor the activities of each subrecipient, or verify that every subrecipient is audited, as required. Effect: The County did not maintain policies and procedures to align with the Subrecipient Monitoring requirements in 2 CFR 200.332 and did not comply with subrecipient monitoring requirements related to the program. Questioned Costs: No questioned costs were identified as a result of our procedures. Context/Sampling: A nonstatistical sample of eight (8) out of 53 subrecipients were sampled, which included six (6) FFA, and two (2) STRTP types. The condition noted above was identified during our procedures related to subrecipient monitoring, and was pervasive to the program. Repeat Findings from Prior Years: No. Recommendation: We recommend that the County implement policies and procedures in accordance with 2 CFR 200.332 to ensure compliance with subrecipient monitoring requirements. Views of Responsible Officials: Management agrees. See separately issued Corrective Action Plan.
Program: Foster Care Federal Financial Assistance Listing Number: 93.658 Federal Grantor: U.S. Department of Health and Human Services Pass-Through: California Department of Social Services Award No. and Year: 2201CAFOST and 2022, 2101CAFOST and 2021 Compliance Requirements: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance and Material Noncompliance Criteria: In accordance with Title 2 U.S. Code of Federal Regulations (CFR) 200.332, pass-through entities must comply with the following: ? 2 CFR 200.332(d)- Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include the information at 2 CFR 200.332(d)(1) through (4). ? 2 CFR 200.332(f) ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 200.501. The California Department of Social Services further clarifies in its County Fiscal Letter No. 21/22 ? 115 that Foster Family Agency (FFA), Group Home, and Short Term Residential Therapeutic Programs (STRTP) are ?considered subrecipients and subject to the same audit requirements and require the same degree of oversight as other subrecipients?. Further, while there are some licensing and oversight functions performed by the state over FFAs, group homes, and STRTPs, ?counties are still ultimately responsible for review of these audits and their findings, any follow-up to ensure compliance, and any other form of monitoring and oversight required by federal and state laws and regulations.? Condition: The County did not have any formal controls or procedures in place for subrecipient monitoring for the Foster Care program. Cause: The County did not maintain procedures to monitor the activities of each subrecipient, or verify that every subrecipient is audited, as required. Effect: The County did not maintain policies and procedures to align with the Subrecipient Monitoring requirements in 2 CFR 200.332 and did not comply with subrecipient monitoring requirements related to the program. Questioned Costs: No questioned costs were identified as a result of our procedures. Context/Sampling: A nonstatistical sample of eight (8) out of 53 subrecipients were sampled, which included six (6) FFA, and two (2) STRTP types. The condition noted above was identified during our procedures related to subrecipient monitoring, and was pervasive to the program. Repeat Findings from Prior Years: No. Recommendation: We recommend that the County implement policies and procedures in accordance with 2 CFR 200.332 to ensure compliance with subrecipient monitoring requirements. Views of Responsible Officials: Management agrees. See separately issued Corrective Action Plan.
Program: Foster Care Federal Financial Assistance Listing Number: 93.658 Federal Grantor: U.S. Department of Health and Human Services Pass-Through: California Department of Social Services Award No. and Year: 2201CAFOST and 2022, 2101CAFOST and 2021 Compliance Requirements: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control over Compliance and Material Noncompliance Criteria: In accordance with Title 2 U.S. Code of Federal Regulations (CFR) 200.332, pass-through entities must comply with the following: ? 2 CFR 200.332(d)- Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include the information at 2 CFR 200.332(d)(1) through (4). ? 2 CFR 200.332(f) ? Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 200.501. The California Department of Social Services further clarifies in its County Fiscal Letter No. 21/22 ? 115 that Foster Family Agency (FFA), Group Home, and Short Term Residential Therapeutic Programs (STRTP) are ?considered subrecipients and subject to the same audit requirements and require the same degree of oversight as other subrecipients?. Further, while there are some licensing and oversight functions performed by the state over FFAs, group homes, and STRTPs, ?counties are still ultimately responsible for review of these audits and their findings, any follow-up to ensure compliance, and any other form of monitoring and oversight required by federal and state laws and regulations.? Condition: The County did not have any formal controls or procedures in place for subrecipient monitoring for the Foster Care program. Cause: The County did not maintain procedures to monitor the activities of each subrecipient, or verify that every subrecipient is audited, as required. Effect: The County did not maintain policies and procedures to align with the Subrecipient Monitoring requirements in 2 CFR 200.332 and did not comply with subrecipient monitoring requirements related to the program. Questioned Costs: No questioned costs were identified as a result of our procedures. Context/Sampling: A nonstatistical sample of eight (8) out of 53 subrecipients were sampled, which included six (6) FFA, and two (2) STRTP types. The condition noted above was identified during our procedures related to subrecipient monitoring, and was pervasive to the program. Repeat Findings from Prior Years: No. Recommendation: We recommend that the County implement policies and procedures in accordance with 2 CFR 200.332 to ensure compliance with subrecipient monitoring requirements. Views of Responsible Officials: Management agrees. See separately issued Corrective Action Plan.
Finding Reference Number: 2022-018 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-021 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Identify the Award and Applicable Requirements ? Clearly identify to the subrecipient: (1) the award as a subaward at the time of subaward (or subsequent subaward modification) by providing the information described in 2 CFR section 200.332(a)(1); (2) all requirements imposed by the PTE on the subrecipient so that the federal award is used in accordance with federal statutes, regulations, and the terms and conditions of the award (2 CFR section 200.332(a)(2)); and (3) any additional requirements that the PTE imposes on the subrecipient in order for the PTE to meet its own responsibility for the federal award (e.g., financial, performance, and special reports) (2 CFR section 200.332(a)(3)). 2. Evaluate Risk ? Evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 3. Monitor ? Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. 4. Ensure Accountability of For-Profit Subrecipients ? Some federal awards may be passed through to for-profit entities. For-profit subrecipients are accountable to the PTE for the use of the federal funds provided. Because 2 CFR Part 200 does not make Subpart F applicable to for-profit subrecipients, the PTE is responsible for establishing requirements, as necessary, to ensure compliance by for-profit subrecipients for the subaward. The agreement with the for-profit subrecipient must describe applicable compliance requirements and the for-profit subrecipient's compliance responsibility. Methods to ensure compliance for federal awards made to for-profit subrecipients may include pre-award audits, monitoring during the agreement, and post-award audits (2 CFR section 200.501(h)). Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2022, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to 56 subrecipients, both for-profit and non-profit. As part of our testing related subrecipient monitoring, we noted the following: A. The Department communicates award information to subrecipients through the approved agreement. Per review of the agreement, for 14 of 14 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332(a). Specifically, one or all of the following elements were not communicated: - Subrecipient unique entity identifier; - Federal award date; - Name of the federal awarding agency, pass-through entity, and contact information for the awarding official of the pass-through entity; - Identification of whether the award is R&D; and - Indirect cost rate for the federal award B. The Department was unable to provide documentation to support it had evaluated subrecipient risk of noncompliance for all subrecipients for purposes of determining the appropriate subrecipient monitoring related to subawards. C. The Department did not perform any during the award monitoring over the programs subrecipients. D. The Department passed through federal funding to for-profit subrecipients. These subrecipients are not subject to 2 CFR 200 Subpart F and as such, no review over the uniform guidance audit report is performed by the Department. The Department was unable to provide documentation to support it had performed procedures to ensure compliance with the subrecipient agreement in accordance with 2 CFR section 200.501(h). Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a - h) and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(a-h) and 2 CFR section 200.501(h). View of Responsible Officials The Department will review its Sub-recipient Monitoring Policy and assess compliance across the Department. It is important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. The Financial Compliance Unit (FCU) will continue to work with the Business System Analyst of the Cost Allocation Unit in determining the amount of Federal payments made to the vendors. The FCU receives a vendor payment list on a quarterly basis that includes the total amount of Federal funds that were paid to all contracted agencies. We will continue to closely monitor the FAC to obtain all copies of the Single Audits pertaining to the DHHS agencies. In addition, we will devise a spreadsheet that will list all contracts that have been awarded Federal funds and cross check these agencies to vendor payment list. The DHHS updated the policy on risk assessment on November 16, 2020 to ensure that all contracts have a risk assessment performed regardless of funding source. We also have added verbiage in the contracts effective for contracts that begin after November 2021. It states any Contractor that receives an amount equal to or greater than $250,000 from the Department during a single fiscal year, regardless of the funding source, may be required, at a minimum, to submit annual financial audits performed by an independent CPA if the Department?s risk assessment determination indicates the Contractor is high-risk. Finally, effective for any new procurement subsequent to March 2022, all back-up documentation must accompany the invoices and be submitted on a monthly basis. Anticipated Completion Date: July 2023 Contact Person: Melissa Kelleher, Grants Administrator, Ann Driscoll, Financial Compliance Unit
Finding Reference Number: 2022-018 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-021 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Identify the Award and Applicable Requirements ? Clearly identify to the subrecipient: (1) the award as a subaward at the time of subaward (or subsequent subaward modification) by providing the information described in 2 CFR section 200.332(a)(1); (2) all requirements imposed by the PTE on the subrecipient so that the federal award is used in accordance with federal statutes, regulations, and the terms and conditions of the award (2 CFR section 200.332(a)(2)); and (3) any additional requirements that the PTE imposes on the subrecipient in order for the PTE to meet its own responsibility for the federal award (e.g., financial, performance, and special reports) (2 CFR section 200.332(a)(3)). 2. Evaluate Risk ? Evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 3. Monitor ? Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. 4. Ensure Accountability of For-Profit Subrecipients ? Some federal awards may be passed through to for-profit entities. For-profit subrecipients are accountable to the PTE for the use of the federal funds provided. Because 2 CFR Part 200 does not make Subpart F applicable to for-profit subrecipients, the PTE is responsible for establishing requirements, as necessary, to ensure compliance by for-profit subrecipients for the subaward. The agreement with the for-profit subrecipient must describe applicable compliance requirements and the for-profit subrecipient's compliance responsibility. Methods to ensure compliance for federal awards made to for-profit subrecipients may include pre-award audits, monitoring during the agreement, and post-award audits (2 CFR section 200.501(h)). Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2022, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to 56 subrecipients, both for-profit and non-profit. As part of our testing related subrecipient monitoring, we noted the following: A. The Department communicates award information to subrecipients through the approved agreement. Per review of the agreement, for 14 of 14 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332(a). Specifically, one or all of the following elements were not communicated: - Subrecipient unique entity identifier; - Federal award date; - Name of the federal awarding agency, pass-through entity, and contact information for the awarding official of the pass-through entity; - Identification of whether the award is R&D; and - Indirect cost rate for the federal award B. The Department was unable to provide documentation to support it had evaluated subrecipient risk of noncompliance for all subrecipients for purposes of determining the appropriate subrecipient monitoring related to subawards. C. The Department did not perform any during the award monitoring over the programs subrecipients. D. The Department passed through federal funding to for-profit subrecipients. These subrecipients are not subject to 2 CFR 200 Subpart F and as such, no review over the uniform guidance audit report is performed by the Department. The Department was unable to provide documentation to support it had performed procedures to ensure compliance with the subrecipient agreement in accordance with 2 CFR section 200.501(h). Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a - h) and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(a-h) and 2 CFR section 200.501(h). View of Responsible Officials The Department will review its Sub-recipient Monitoring Policy and assess compliance across the Department. It is important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. The Financial Compliance Unit (FCU) will continue to work with the Business System Analyst of the Cost Allocation Unit in determining the amount of Federal payments made to the vendors. The FCU receives a vendor payment list on a quarterly basis that includes the total amount of Federal funds that were paid to all contracted agencies. We will continue to closely monitor the FAC to obtain all copies of the Single Audits pertaining to the DHHS agencies. In addition, we will devise a spreadsheet that will list all contracts that have been awarded Federal funds and cross check these agencies to vendor payment list. The DHHS updated the policy on risk assessment on November 16, 2020 to ensure that all contracts have a risk assessment performed regardless of funding source. We also have added verbiage in the contracts effective for contracts that begin after November 2021. It states any Contractor that receives an amount equal to or greater than $250,000 from the Department during a single fiscal year, regardless of the funding source, may be required, at a minimum, to submit annual financial audits performed by an independent CPA if the Department?s risk assessment determination indicates the Contractor is high-risk. Finally, effective for any new procurement subsequent to March 2022, all back-up documentation must accompany the invoices and be submitted on a monthly basis. Anticipated Completion Date: July 2023 Contact Person: Melissa Kelleher, Grants Administrator, Ann Driscoll, Financial Compliance Unit