Finding Reference Number: 2022-004 NH Governor?s Office of Emergency Relief and Recovery COVID-19 Coronavirus Relief Fund (Assistance Listing #21.019) Federal Award Numbers: Not Applicable Federal Award Year: 2020 U.S. Department of Treasury Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency Prior Year Finding: 2021-011 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.331(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.331(b)); and 3. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, 2 CFR section 200.303(a) states that non-federal entities must establish and maintain effective internal control over federal awards that provide reasonable assurance that the non-federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition Under the Coronavirus Relief Fund Program (CRF), the State of New Hampshire (the State) entered into various grant agreements with a third parties to provide program services under the CRF program. As part of our testwork over the subrecipient monitoring process, we noted the following breakdown of internal controls: A. The State communicates award information to the subrecipient through the approved grant agreement. During our testwork over the communication of award information, we noted instances where the State did not communicate all the required award information as outlined in 2 CFR section 200.331. Specifically, we noted the following: a. The indirect cost rate for the federal award, including if the de minimis rate is charged, was not included in each of the 7 grant agreements selected for testwork. b. Identification of whether the award is R&D was not included in 2 of 7 grant agreements selected for testwork. B. For 5 of 7 subrecipients selected for testwork, there was no evidence provided that a risk assessment had been performed for the subrecipient. While a risk assessment was not performed, we noted that for all 7 subrecipients selected for testwork that the State performed during the award monitoring procedures. C. The State did not appear to have policies and procedures over internal controls in place to determine if a subrecipient had a Uniform Guidance report if the amount awarded to the subrecipient under the CRF program was under the audit threshold of $750,000. Based on our independent review of uniform guidance submissions within the Federal Audit Clearinghouse, none of the 7 subrecipients selected for testwork had a submitted uniform guidance report, and as such, a management decision letter would not have been required to be submitted for the each of the 7 subrecipients. Cause The cause of the condition found is due to insufficient policies and internal controls to ensure that grant agreements contain the appropriate award notification information, that documented risk assessments are performed and that a comprehensive review to determine if subrecipients had a uniform guidance submitted regardless of the amount awarded under this federal award. Effect The effect of the condition found is that the State did not have sufficient internal controls in place in accordance with 2 CFR section 200.303(a)) and 200.332.(a). In addition, subrecipients could have had a uniform guidance report issued in which a management decision letter needed to be issued but as the Department does not evaluate this for subrecipient?s that were not granted more than $750,000, they would not be able to recognize the need for a management decision letter timely. Questioned Costs None. Recommendation We recommend that the State review its existing internal controls, policies, and procedures to ensure that the State complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b), and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. Documented risk assessments are performed over all subrecipients; and 3. All subrecipients are reviewed regardless of amount awarded to determine if a uniform guidance report was issued and if a management decision letter should be issued. View of Responsible Officials The State concurs in part with the findings and concurs in part with the recommendations. Given that CARES Act CRF is a funding source that is no longer eligible for use because program obligations were required to be entered into by December 31, 2021, and program expenditures complete by September 30, 2022, there are no ongoing CRF funded projects or programs. As a result, any corrective actions would relate to ensuring any other federal funding sources are achieving compliance requirements. With regard to condition A, the State partially concurs. Federal guidance concerning CARES Act CRF did not allow for charging indirect costs. That guidance indicated ?Payments from the Fund are not administered as part of a traditional grant program and the provisions of the Uniform Guidance, 2 CFR part 200, that are applicable to indirect costs do not apply. Recipients may not apply their indirect costs rates to payments received from the Fund.? Thus, awardees and recipients of funds were not permitted to charge indirect costs against CARES Act CRF. However, the state acknowledges inclusion of language specifically acknowledging the disallowance of indirect costs could have been included in the agreements. With regard to condition B, the State concurs. The four identified subrecipients were awardees of a program that was facilitated at the very end of CARES Act CRF eligibility for the period of performance. This program was run due to updated guidance by U.S. Treasury on December 14, 2021, that extended the deadline for expenditure of funds so long as obligations were entered into by December 31, 2021. That program largely resulted in direct beneficiary awards, but due to the nature of some expenditures awarded some entities received a subaward. Those subawards identified a brief timeline for project completion, between December 2021 and September 2022. Most projects were completed in February and March, with two of the subrecipients finalizing projects in September. Given the nature and timing of the program, those subawardees were closely monitored and regularly interacted with the State in order to receive reimbursement for eligible expenses and complete projects. The State can provide documentation of that monitoring and expense review. However, formal risk assessments were not initially done for those entities. Since then, the State has implemented policies and procedures that help ensure risk assessments are completed for all subrecipients, regardless of the nature of the program. With regard to condition C, the State concurs and has already implemented corrective actions to ensure procedures and policies are in place concerning Uniform Guidance Report review and the issuance of any necessary management decision letters to the extent required and where this deficiency could impact any other sources of federal funding. It is worth noting that the State in most cases has timely conducted risk assessments of subrecipients and reviewed relevant Uniform Guidance Reports, but its corrective action will result in better documentation of that process and protocol. Anticipated Completion Date: The corrective actions indicated above have already been implemented as of the date of this response. Contact Person: Steve Giovinelli and Chase Hagaman
Finding Reference Number: 2022-007 NH Governor?s Office of Emergency Relief and Recovery COVID-19 Homeowners Assistance Fund Program (Assistance Listing #21.026) Federal Award Numbers: HAFP-0190 Federal Award Year: 2021 U.S. Department of Treasury Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: None Statistically Valid Sample: No Criteria A pass-through entity must: 1. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 2. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, 2 CFR section 200.303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Condition The New Hampshire Governor?s Office of Emergency Relief and Recovery (the Office) entered into a subrecipient grant agreement whereby the subrecipient is responsible for determining benefit eligibility as well as calculating the benefit amount that the participant is eligible to receive. During the year ended June 30, 2022, the Department passed through $49,250,000 to its subrecipient. As part of our testwork over the subrecipient monitoring process, we noted the following: A. The Office obtains bi-weekly reports from the subrecipient that provides information related to cumulative cases, status of the case as well as geographic data surrounding the counties assisted. We selected 1 of the 3 bi-weekly reports received by the Office and noted that while the report was received, there was no documented evidence to support that the Office had reviewed the report as part of its monitoring procedures. B. The subrecipient has a quality control process in place whereby it selects samples of cases to ensure that the eligibility determination for the case was appropriate and there is appropriate documentation to substantiate the amount paid to the participant. The subrecipient submits a QC report to the Office summarizing the results of the review, including any items that require corrective action. We selected 2 of the 4 QC reports received by the Office during the audit period and noted that while the QC reports were received by the Office, there was no documented evidence to support that the Office had reviewed the QC report as part of its monitoring process. C. The Office obtains and reviews the subrecipients uniform guidance report on an annual basis. The Office currently does not have a process in place to track the date in which the audit report was reviewed. As such, we were unable to determine if the Office reviewed the uniform guidance report timely. Per review of the subrecipient uniform guidance report, there were no matters identified within the audit report that would require the Office to issue a management decision letter. D. As part of the Office?s federal reporting requirements, the Office obtains information directly from the subrecipient that is used to compile federal reports. The Department does not perform any documented monitoring procedures over the data submitted by the subrecipient to ensure that the following data used is by the Office within the report is complete and accurate: a. the number of unique homeowners that received assistance and subset that are classified as socially disadvantaged and 100 percent are median income or less b. the number homeowners and the amount of funding homeowners received, disaggregated by program design element are complete and accurate. Cause The cause of the condition found is due to insufficient procedures for ensuring monitoring activities performed are documented. Per inquiry of management, we noted that the Office meets weekly with the subrecipient and as part of these meetings, the bi-weekly reports, the QC reports and the data collected that is used as the basis for federal reporting are discussed. However, there is no evidence such as meeting minutes or agendas maintained to validate that this review occurred at an appropriate precision level. In addition, the review of the subrecipient?s uniform guidance report is documented along with its risk assessment process, which may not correspond with the actual receipt and review of the uniform guidance report. Effect The effect of the condition found is that the Office did not comply with 2 CFR section 200.332(d) through (f) and may not issue a management decision timely as required in accordance with 2 CFR section 200.521. Questioned Costs None. Recommendation We recommend that the Office formalize policies and procedures and implement the necessary internal controls to ensure that the Office complies with the provisions of CFR section 200.332(d) through (f) and 2 CFR section 200.251. This would include ensuring that: 1. During the award monitoring procedures are documented and any items requiring follow up or a corrective action are resolved timely and 2. Ensure that all uniform guidance reports are collected and reviewed timely so that a management decision letter can be issued within the time period required by federal regulations. 3. Data collected from the subrecipient used to compile federal reports is monitored to ensure that the data is complete and accurate. View of Responsible Officials The State concurs in part with the findings and recommended action. The State?s HAF program fully launched in March 2022 of the Fiscal Year under review, which ended June 30, 2022. On the whole, a more robust subrecipient monitoring framework and process is being implemented during the current Fiscal Year for this program. However, the State has engaged in thorough monitoring of its subrecipient, receiving and reviewing recurring biweekly and quarterly reports. As noted, discussion of those reports takes place during weekly conversations with the subrecipient. However, the State has acknowledged that it needs to more formally memorialize the substance of such conversations to demonstrate such review. This change in protocol and procedure has already been implemented during this Fiscal Year. The State has also engaged in a subrecipient risk assessment and review of audited financials for the purposes of uniform guidance report review. However, its process and protocols will be revised to better demonstrate when such reviews/assessments take place moving forward. Moreover, the State relies on its subrecipient to facilitate the State?s HAF program, which includes collecting and processing data, as outlined in the program?s policy guide manual. A key feature of that process is a detailed quality control protocol. Additionally, during this Fiscal Year, the State engaged in a robust, on-site review of the subrecipient?s quality control protocols and methods, including applicant file review, and found them satisfactory and reliable. The State also works closely with its subrecipient during the quarterly and annual U.S. Treasury reporting processes, which involves reviewing and analyzing data provided by the subrecipient for reporting purposes. This review and the resulting communications can result in corrections to data prior to submission to U.S. Treasury. Corrective Action and Anticipated Completion Date: As of this response, the State has already implemented several corrective actions that align with the recommendations above, including documentation of report review during weekly calls with the subrecipient, timestamping procedures for uniform guidance report review, and on site, detailed review of quality control protocols that involved applicant file review. The State will further ensure that such updated protocols and procedures are memorialized in the Programs? transaction processing memo during its Q1 2023 update, including any protocols necessary to ensure timely issuance of any required management decisions relative to the subrecipient. Contact Person: Chase Hagaman, Lisa Cota-Robles, and Michele Zangri-Crean
Finding Reference Number: 2022-008 NH Governor?s Office of Emergency Relief and Recovery COVID-19 Coronavirus State and Local Fiscal Recovery Funds (Assistance Listing #21.027) Federal Award Numbers: SLFRP0145 Federal Award Year: 2021 U.S. Department of Treasury Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency Prior Year Finding: None Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, per 2 CFR section 200.303, non-federal entities must establish and maintain effective internal control over federal awards that provide reasonable assurance that the non-federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Coronavirus State and Local Fiscal Recovery Funds program, the State of New Hampshire (the State) entered into grant agreements with local entities to support allowable activities under the federal program. During the year ended June 30, 2022, the State passed through $2,108,597 to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following breakdown of internal controls: A. The State communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for 5 of the 10 subrecipients selected for testwork, the State did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) was not communicated for 5 of 10 subrecipients selected for testwork. b. Identification of whether the award is R&D was not communicated for 3 of 10 subrecipients selected for testwork. A. For 2 of 10 subrecipients selected for testwork, there was no documented risk assessment performed over the subrecipient. The State indicated that they had previous experience with these 2 subrecipients and based upon the previous relationship a formal risk assessment was not necessary. As part of our audit, we inquired as to whether a risk assessment was performed in connection with other federal awards that were granted to these entities, but a risk assessment was not able to be provided. While a risk assessment was not performed, we noted that for all each of these 2 subrecipients that the State performed during the award monitoring procedures. B. The State did not appear to have policies and procedures in place to determine if a subrecipient had a Uniform Guidance report if the amount awarded to the subrecipient under this program was under the audit threshold of $750,000. Based on our independent review of uniform guidance submissions within the Federal Audit Clearinghouse, none of the 10 subrecipients selected for testwork had a submitted uniform guidance report, and as such, a management decision letter would not have been required to be submitted for the each of the 10 subrecipients. Cause The cause of the condition found is primarily due to insufficient internal controls and procedures to ensure that award identification information is properly communicated, that risk assessments are performed to ensure sufficient during the awarded monitoring is performed and that all subrecipients are reviewed to determine if a uniform guidance audit was issued regardless of amount awarded to the subrecipient. Given the nature of this program, several Departments within the State entered into subrecipient grants resulting in a decentralized process. Not all Departments within the State are experienced with subrecipient relationships and may not have had developed policies to comply with subrecipient monitoring requirements. Effect The effect of the condition found is that the State did not have sufficient internal controls in place in accordance with 2 CFR section 200.303(a)) and 200.332.(a). In addition, subrecipients could have had a uniform guidance report issued in which a management decision letter needed to be issued but as the Department does not evaluate this for subrecipient?s that were not granted more than $750,000, they would not be able to recognize the need for a management decision letter timely. Questioned Costs None. Recommendation We recommend that the State review its existing internal controls, policies, and procedures to ensure that the State complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b), and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. Documented risk assessments are performed over all subrecipients; and 3. All subrecipients are reviewed regardless of amount awarded to determine if a uniform guidance report was issued and if a management decision letter should be issued. View of Responsible Officials The State largely concurs with the findings and recommendations and has either implemented procedures to address the identified conditions already or will do so. With regard to condition A(a) and (b), although the State illustrated that it includes clauses related to allowed costs in its subawards, including direct and indirect costs, it will work to ensure that agencies entering into such agreements clearly indicate the terms required by Uniform Guidance, including permitted indirect cost rates and whether the award is for R&D. With regard to condition B, the State agrees that risk assessments should have been completed and has since implemented a framework to help ensure that agencies are more consistently conducting and documenting subrecipient risk assessments. With regard to condition C, the State concurs and has already implemented an agency-wide framework to help ensure procedures and policies are in place concerning Uniform Guidance Report review and the issuance of any necessary management decision letters, to the extent required. It is worth noting that the State in most cases has timely conducted risk assessments of subrecipients and reviewed relevant Uniform Guidance Reports, but its corrective actions will result in better documentation and more consistent and timelier follow through. Anticipated Completion Date: The corrective actions indicated above relative to conditions B and C have already been implemented as of the date of this response. The State will work to address Condition A before the end of the current Fiscal Year. Contact Person: Chase Hagaman and Steve Giovinelli
Finding Reference Number: 2022-018 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-021 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Identify the Award and Applicable Requirements ? Clearly identify to the subrecipient: (1) the award as a subaward at the time of subaward (or subsequent subaward modification) by providing the information described in 2 CFR section 200.332(a)(1); (2) all requirements imposed by the PTE on the subrecipient so that the federal award is used in accordance with federal statutes, regulations, and the terms and conditions of the award (2 CFR section 200.332(a)(2)); and (3) any additional requirements that the PTE imposes on the subrecipient in order for the PTE to meet its own responsibility for the federal award (e.g., financial, performance, and special reports) (2 CFR section 200.332(a)(3)). 2. Evaluate Risk ? Evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 3. Monitor ? Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. 4. Ensure Accountability of For-Profit Subrecipients ? Some federal awards may be passed through to for-profit entities. For-profit subrecipients are accountable to the PTE for the use of the federal funds provided. Because 2 CFR Part 200 does not make Subpart F applicable to for-profit subrecipients, the PTE is responsible for establishing requirements, as necessary, to ensure compliance by for-profit subrecipients for the subaward. The agreement with the for-profit subrecipient must describe applicable compliance requirements and the for-profit subrecipient's compliance responsibility. Methods to ensure compliance for federal awards made to for-profit subrecipients may include pre-award audits, monitoring during the agreement, and post-award audits (2 CFR section 200.501(h)). Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2022, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to 56 subrecipients, both for-profit and non-profit. As part of our testing related subrecipient monitoring, we noted the following: A. The Department communicates award information to subrecipients through the approved agreement. Per review of the agreement, for 14 of 14 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332(a). Specifically, one or all of the following elements were not communicated: - Subrecipient unique entity identifier; - Federal award date; - Name of the federal awarding agency, pass-through entity, and contact information for the awarding official of the pass-through entity; - Identification of whether the award is R&D; and - Indirect cost rate for the federal award B. The Department was unable to provide documentation to support it had evaluated subrecipient risk of noncompliance for all subrecipients for purposes of determining the appropriate subrecipient monitoring related to subawards. C. The Department did not perform any during the award monitoring over the programs subrecipients. D. The Department passed through federal funding to for-profit subrecipients. These subrecipients are not subject to 2 CFR 200 Subpart F and as such, no review over the uniform guidance audit report is performed by the Department. The Department was unable to provide documentation to support it had performed procedures to ensure compliance with the subrecipient agreement in accordance with 2 CFR section 200.501(h). Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a - h) and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(a-h) and 2 CFR section 200.501(h). View of Responsible Officials The Department will review its Sub-recipient Monitoring Policy and assess compliance across the Department. It is important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. The Financial Compliance Unit (FCU) will continue to work with the Business System Analyst of the Cost Allocation Unit in determining the amount of Federal payments made to the vendors. The FCU receives a vendor payment list on a quarterly basis that includes the total amount of Federal funds that were paid to all contracted agencies. We will continue to closely monitor the FAC to obtain all copies of the Single Audits pertaining to the DHHS agencies. In addition, we will devise a spreadsheet that will list all contracts that have been awarded Federal funds and cross check these agencies to vendor payment list. The DHHS updated the policy on risk assessment on November 16, 2020 to ensure that all contracts have a risk assessment performed regardless of funding source. We also have added verbiage in the contracts effective for contracts that begin after November 2021. It states any Contractor that receives an amount equal to or greater than $250,000 from the Department during a single fiscal year, regardless of the funding source, may be required, at a minimum, to submit annual financial audits performed by an independent CPA if the Department?s risk assessment determination indicates the Contractor is high-risk. Finally, effective for any new procurement subsequent to March 2022, all back-up documentation must accompany the invoices and be submitted on a monthly basis. Anticipated Completion Date: July 2023 Contact Person: Melissa Kelleher, Grants Administrator, Ann Driscoll, Financial Compliance Unit
Finding Reference Number: 2022-018 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-021 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Identify the Award and Applicable Requirements ? Clearly identify to the subrecipient: (1) the award as a subaward at the time of subaward (or subsequent subaward modification) by providing the information described in 2 CFR section 200.332(a)(1); (2) all requirements imposed by the PTE on the subrecipient so that the federal award is used in accordance with federal statutes, regulations, and the terms and conditions of the award (2 CFR section 200.332(a)(2)); and (3) any additional requirements that the PTE imposes on the subrecipient in order for the PTE to meet its own responsibility for the federal award (e.g., financial, performance, and special reports) (2 CFR section 200.332(a)(3)). 2. Evaluate Risk ? Evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 3. Monitor ? Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. 4. Ensure Accountability of For-Profit Subrecipients ? Some federal awards may be passed through to for-profit entities. For-profit subrecipients are accountable to the PTE for the use of the federal funds provided. Because 2 CFR Part 200 does not make Subpart F applicable to for-profit subrecipients, the PTE is responsible for establishing requirements, as necessary, to ensure compliance by for-profit subrecipients for the subaward. The agreement with the for-profit subrecipient must describe applicable compliance requirements and the for-profit subrecipient's compliance responsibility. Methods to ensure compliance for federal awards made to for-profit subrecipients may include pre-award audits, monitoring during the agreement, and post-award audits (2 CFR section 200.501(h)). Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2022, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to 56 subrecipients, both for-profit and non-profit. As part of our testing related subrecipient monitoring, we noted the following: A. The Department communicates award information to subrecipients through the approved agreement. Per review of the agreement, for 14 of 14 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332(a). Specifically, one or all of the following elements were not communicated: - Subrecipient unique entity identifier; - Federal award date; - Name of the federal awarding agency, pass-through entity, and contact information for the awarding official of the pass-through entity; - Identification of whether the award is R&D; and - Indirect cost rate for the federal award B. The Department was unable to provide documentation to support it had evaluated subrecipient risk of noncompliance for all subrecipients for purposes of determining the appropriate subrecipient monitoring related to subawards. C. The Department did not perform any during the award monitoring over the programs subrecipients. D. The Department passed through federal funding to for-profit subrecipients. These subrecipients are not subject to 2 CFR 200 Subpart F and as such, no review over the uniform guidance audit report is performed by the Department. The Department was unable to provide documentation to support it had performed procedures to ensure compliance with the subrecipient agreement in accordance with 2 CFR section 200.501(h). Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a - h) and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(a-h) and 2 CFR section 200.501(h). View of Responsible Officials The Department will review its Sub-recipient Monitoring Policy and assess compliance across the Department. It is important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. The Financial Compliance Unit (FCU) will continue to work with the Business System Analyst of the Cost Allocation Unit in determining the amount of Federal payments made to the vendors. The FCU receives a vendor payment list on a quarterly basis that includes the total amount of Federal funds that were paid to all contracted agencies. We will continue to closely monitor the FAC to obtain all copies of the Single Audits pertaining to the DHHS agencies. In addition, we will devise a spreadsheet that will list all contracts that have been awarded Federal funds and cross check these agencies to vendor payment list. The DHHS updated the policy on risk assessment on November 16, 2020 to ensure that all contracts have a risk assessment performed regardless of funding source. We also have added verbiage in the contracts effective for contracts that begin after November 2021. It states any Contractor that receives an amount equal to or greater than $250,000 from the Department during a single fiscal year, regardless of the funding source, may be required, at a minimum, to submit annual financial audits performed by an independent CPA if the Department?s risk assessment determination indicates the Contractor is high-risk. Finally, effective for any new procurement subsequent to March 2022, all back-up documentation must accompany the invoices and be submitted on a monthly basis. Anticipated Completion Date: July 2023 Contact Person: Melissa Kelleher, Grants Administrator, Ann Driscoll, Financial Compliance Unit
Finding Reference Number: 2022-021 NH Department of Health and Human Services Temporary Assistance for Needy Families and COVID-19 Temporary Assistance for Needy Families (Assistance Listing #93.558) Federal Award Numbers: 2021G996115, 2021G990228, 2022G996115 Federal Award Year: 2021, 2022 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: NA Statistically Valid Sample: No Criteria5 A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, per 2 CFR section 200.303, non-federal entities must establish and maintain effective internal control over federal awards that provide reasonable assurance that the non-federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Temporary Assistance for Needy Families program (TANF), the New Hampshire Department of Health and Human Services (the Department) enters into grant agreements with local entities to provide services to support eligible participants. During the year ended June 30, 2022, the Department passed through $3,307,974 to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following: A. For 1 of 7 subrecipients selected for testwork, per review of the grant agreement, we noted that the agreement did not contain any funding to be paid under the TANF program and should not have been identified as a TANF subrecipient. The total amount paid to the entity was $13,530. B. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for 4 of the remaining 6 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. The subrecipient?s unique identifier was not communicated for 1 of the remaining 6 subrecipients selected for testwork b. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) was not communicated for 2 of the remaining 6 subrecipients selected for testwork c. Identification of whether the award is R&D was not communicated for 4 of the remaining 6 subrecipients selected for testwork. C. The Department did not perform a risk assessment for all subrecipients selected for testwork. As a result, it is unclear if any additional targeted subrecipient monitoring should have been performed. D. For 1 of the remaining 6 subrecipients selected for testwork, there was no evidence that a programmatic monitoring review was completed for the subrecipient as required by their subrecipient monitoring policy. As there was no risk assessment performed for the subrecipient, it was unclear as to whether a programmatic monitoring visit should have been performed. Cause The cause of the condition found is primarily due to insufficient internal controls and procedures to ensure that federal reimbursement of expenditures are only disbursed to entities that have an approved subrecipient grant agreement. In addition, there are insufficient internal controls and procedures to ensure that award identification information is properly communicated with grant agreements and that risk assessments are performed to ensure sufficient during the awarded monitoring is performed over all subrecipients. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b), CFR section 200.521 and 2 CFR sections 200.332(d) through (f). Questioned Costs $13,530 ? the amount in bullet A above. Recommendation We recommend that the Department review its existing internal controls, policies, and procedures to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.251. This would include ensuring that: 1. The Department has an approved subrecipient grant agreement prior to making any disbursements to an entity; 2. All required award information is communicated to subrecipients; 3. A documented risk assessment is performed over all subrecipients, and the results of that risk assessment is used to evaluate the types of monitoring procedures that will be performed over the subrecipient; and 4. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. View of Responsible Officials A. We concur with this finding. The Department utilized an internally available copy of the Management Log, which lists vendor?s determinations. This is a copy of the log, not the original, official copy. There is a delay in updating this copy from the original, and incorrect information had been initially entered. The Department is moving this log to software which allows all Department employees to view the same log, while limiting the number of individuals who have access to make changes. Implementation has been completed as of March 2023. B. We concur with this finding. However, we believe this was an isolated incident as the TANF CFDA number (93.558) used was very similar to correct CFDA number (93.778) that should have been documented. C. 200.332 requirements a. We do not concur with this finding. The contract for Mt Prospect became effective 8/4/21, prior to the 4/22 inception of the UEI. The DUNS number, as in effect at that time, is noticed in Exhibit J of the contract. b. We concur with three of the four findings. Two of the four contracts pre-date the template update requiring the notice an indirect cost rate. Indirect cost rate for federal awards (including if the de minimis rate is charged per 2 CFR section 200.414) were added to Exhibit C of the Department?s contracts in April 2020. One of the contracts did not indicate an indirect cost rate as required. One of the contracts notes the indirect cost rate in the Notes of their financial details. c. One of the two contracts pre-dates the template update requiring the notice the identification of R&D. R&D identifications for federal awards were added to Exhibit C of the Department?s contracts in April 2020 One of the two contracts did not identify whether the contract was R&D as required. D. Subrecipient Risk Assessment ? We concur with the finding. We consider the finding to be fully resolved through Department policy Department policy and Department wide implementation. However, it should be noted full compliance will not be achieved for one to two contact cycles due to timing. The Department began addressing the issue of Subrecipient Monitoring issue in June 2017 when the first Grants Administrator was hired. The Department finalized the Subrecipient Monitoring Policy, which encompasses the financial and programmatic risk assessments as well as the subrecipient monitoring, on June 1, 2018. The Department provided user training on the subject in February and September 2018, training over one hundred forty-six staff. However, only brand new procurements utilized this policy during the initial roll out of this policy. The Department hired a new Grants Administrator in May 2019. The full Subrecipient Monitoring policy rolled out to all procurements, including sole source, amendments, and renewals, effective August 1, 2020. The Contracts Unit received specialized subrecipient monitoring training on May 13 and October 28, 2020. Department wide training to all staff occurred weekly between September 8 and November 3, 2020. The Grants Office provided additional targeted training to Program staff through team meetings. Over one hundred fifty Program and Finance staff received training. Annual training will be held in September each year. Refresher training or training for new staff is available upon request from the Grants Office. The Grants Office website offers Program, Finance, and Contracts Bureau staff access to the subrecipient monitoring policy, as well as training modules, slides, and tools. The training has also been recorded and is available on this site. The Subrecipient Monitoring Policy requires Program to determine whether any vendor which receives funds in exchange for goods or services is a Contractor or Subrecipient. Determined subrecipients receive a Management Questionnaire, which includes a ten question questionnaire and requirements for submitting financial data. This information is used to populate the Risk Assessment Tool, which shows any risks pertinent to a subrecipient and the subaward. Based on the risks shown, Program chooses monitoring activities to mitigate the risks and the Contracts Bureau memorializes these choices in the contract. The Grants Office continues to work closely with the Contracts Bureau to ensure compliance with the Subrecipient Monitoring policy. C. and D. It is also important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates, which did not include the required notifications under 200.332, were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. E. We concur there was no formal documentation of any monitoring activity. Due to staff turnover a new administrator has been hired and unable to furnish the monitoring that took place during FY22. However, a program site review during FY23 was performed and financial monitoring of invoices has also taken place. Anticipated Completion Date: July, 2023 Contact Person: Melissa Kelleher, Administrator Rejoinder As documented above in Bullet B of the condition found, the Department did not properly communicate all required award information to the subrecipient. Once aware of the noncompliance, the Department should have timely communicated this information to its subrecipients.
Finding Reference Number: 2022-021 NH Department of Health and Human Services Temporary Assistance for Needy Families and COVID-19 Temporary Assistance for Needy Families (Assistance Listing #93.558) Federal Award Numbers: 2021G996115, 2021G990228, 2022G996115 Federal Award Year: 2021, 2022 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: NA Statistically Valid Sample: No Criteria5 A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, per 2 CFR section 200.303, non-federal entities must establish and maintain effective internal control over federal awards that provide reasonable assurance that the non-federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Temporary Assistance for Needy Families program (TANF), the New Hampshire Department of Health and Human Services (the Department) enters into grant agreements with local entities to provide services to support eligible participants. During the year ended June 30, 2022, the Department passed through $3,307,974 to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following: A. For 1 of 7 subrecipients selected for testwork, per review of the grant agreement, we noted that the agreement did not contain any funding to be paid under the TANF program and should not have been identified as a TANF subrecipient. The total amount paid to the entity was $13,530. B. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for 4 of the remaining 6 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. The subrecipient?s unique identifier was not communicated for 1 of the remaining 6 subrecipients selected for testwork b. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) was not communicated for 2 of the remaining 6 subrecipients selected for testwork c. Identification of whether the award is R&D was not communicated for 4 of the remaining 6 subrecipients selected for testwork. C. The Department did not perform a risk assessment for all subrecipients selected for testwork. As a result, it is unclear if any additional targeted subrecipient monitoring should have been performed. D. For 1 of the remaining 6 subrecipients selected for testwork, there was no evidence that a programmatic monitoring review was completed for the subrecipient as required by their subrecipient monitoring policy. As there was no risk assessment performed for the subrecipient, it was unclear as to whether a programmatic monitoring visit should have been performed. Cause The cause of the condition found is primarily due to insufficient internal controls and procedures to ensure that federal reimbursement of expenditures are only disbursed to entities that have an approved subrecipient grant agreement. In addition, there are insufficient internal controls and procedures to ensure that award identification information is properly communicated with grant agreements and that risk assessments are performed to ensure sufficient during the awarded monitoring is performed over all subrecipients. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b), CFR section 200.521 and 2 CFR sections 200.332(d) through (f). Questioned Costs $13,530 ? the amount in bullet A above. Recommendation We recommend that the Department review its existing internal controls, policies, and procedures to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.251. This would include ensuring that: 1. The Department has an approved subrecipient grant agreement prior to making any disbursements to an entity; 2. All required award information is communicated to subrecipients; 3. A documented risk assessment is performed over all subrecipients, and the results of that risk assessment is used to evaluate the types of monitoring procedures that will be performed over the subrecipient; and 4. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. View of Responsible Officials A. We concur with this finding. The Department utilized an internally available copy of the Management Log, which lists vendor?s determinations. This is a copy of the log, not the original, official copy. There is a delay in updating this copy from the original, and incorrect information had been initially entered. The Department is moving this log to software which allows all Department employees to view the same log, while limiting the number of individuals who have access to make changes. Implementation has been completed as of March 2023. B. We concur with this finding. However, we believe this was an isolated incident as the TANF CFDA number (93.558) used was very similar to correct CFDA number (93.778) that should have been documented. C. 200.332 requirements a. We do not concur with this finding. The contract for Mt Prospect became effective 8/4/21, prior to the 4/22 inception of the UEI. The DUNS number, as in effect at that time, is noticed in Exhibit J of the contract. b. We concur with three of the four findings. Two of the four contracts pre-date the template update requiring the notice an indirect cost rate. Indirect cost rate for federal awards (including if the de minimis rate is charged per 2 CFR section 200.414) were added to Exhibit C of the Department?s contracts in April 2020. One of the contracts did not indicate an indirect cost rate as required. One of the contracts notes the indirect cost rate in the Notes of their financial details. c. One of the two contracts pre-dates the template update requiring the notice the identification of R&D. R&D identifications for federal awards were added to Exhibit C of the Department?s contracts in April 2020 One of the two contracts did not identify whether the contract was R&D as required. D. Subrecipient Risk Assessment ? We concur with the finding. We consider the finding to be fully resolved through Department policy Department policy and Department wide implementation. However, it should be noted full compliance will not be achieved for one to two contact cycles due to timing. The Department began addressing the issue of Subrecipient Monitoring issue in June 2017 when the first Grants Administrator was hired. The Department finalized the Subrecipient Monitoring Policy, which encompasses the financial and programmatic risk assessments as well as the subrecipient monitoring, on June 1, 2018. The Department provided user training on the subject in February and September 2018, training over one hundred forty-six staff. However, only brand new procurements utilized this policy during the initial roll out of this policy. The Department hired a new Grants Administrator in May 2019. The full Subrecipient Monitoring policy rolled out to all procurements, including sole source, amendments, and renewals, effective August 1, 2020. The Contracts Unit received specialized subrecipient monitoring training on May 13 and October 28, 2020. Department wide training to all staff occurred weekly between September 8 and November 3, 2020. The Grants Office provided additional targeted training to Program staff through team meetings. Over one hundred fifty Program and Finance staff received training. Annual training will be held in September each year. Refresher training or training for new staff is available upon request from the Grants Office. The Grants Office website offers Program, Finance, and Contracts Bureau staff access to the subrecipient monitoring policy, as well as training modules, slides, and tools. The training has also been recorded and is available on this site. The Subrecipient Monitoring Policy requires Program to determine whether any vendor which receives funds in exchange for goods or services is a Contractor or Subrecipient. Determined subrecipients receive a Management Questionnaire, which includes a ten question questionnaire and requirements for submitting financial data. This information is used to populate the Risk Assessment Tool, which shows any risks pertinent to a subrecipient and the subaward. Based on the risks shown, Program chooses monitoring activities to mitigate the risks and the Contracts Bureau memorializes these choices in the contract. The Grants Office continues to work closely with the Contracts Bureau to ensure compliance with the Subrecipient Monitoring policy. C. and D. It is also important to note that between April 2020 and June 2022 the Department was involved in the State?s strategic response to the COVID-19 pandemic. During this time, New Hampshire was under a state of emergency (Executive Order 2020-04), processes were rapidly converted to fully digital overnight, the State?s standard approval processes were suspended and non-standard templates, which did not include the required notifications under 200.332, were utilized to respond to the COVID-19 pandemic. The Department worked with other State Departments and the National Guard to create a record number of amendments, contracts, and other agreements (approximately 200% more than standard). The Department is in the process of instituting a new contract life cycle management solution that will utilize conditional logic to include the required notifications for agreements involving federal funds in order to ensure compliance. Implementation is anticipated to be complete in July 2023. As the COVID-19 pandemic strategic response has wound down, the Department has not suspended its regular standard approval or subrecipient risk assessment and monitoring processes and has not used non-standard templates to award federal funding. E. We concur there was no formal documentation of any monitoring activity. Due to staff turnover a new administrator has been hired and unable to furnish the monitoring that took place during FY22. However, a program site review during FY23 was performed and financial monitoring of invoices has also taken place. Anticipated Completion Date: July, 2023 Contact Person: Melissa Kelleher, Administrator Rejoinder As documented above in Bullet B of the condition found, the Department did not properly communicate all required award information to the subrecipient. Once aware of the noncompliance, the Department should have timely communicated this information to its subrecipients.
Finding Reference Number: 2022-025 NH Department of Energy Low Income Home Energy Assistance and COVID-19 Low Income Home Energy Assistance (Assistance Listing #93.568) Federal Award Numbers: 2001NHLEA, 2001NHLIE4, 2001NH5C3, 2101NHLIEA, 2101NHE5C6, 2201NHLIEA, 2101NHLIE4 Federal Award Year: 2020, 2021, 2022 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-027 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, Title 45 U.S. Code of Federal Regulation Part 75 (45 CFR section 75), Uniform Administrative Requirements, Cost Principles, and Audit Requirements for HS Awards, section 75.303(a), Internal Controls, states the non-Federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Low-Income Home Energy Assistance program (LIHEAP), the New Hampshire Department of Energy (the Department) enters into grant agreements with local entities to provide services related to the eligibility determination process for the LIHEAP program (including the calculation of participant benefits) and payment of benefits to fuel providers. During the year ended June 30, 2022, $37,990,873 was passed through to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following as of the year ending June 30, 2022: A. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for each of the 3 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Federal Award Identification Number (FAIN) b. Federal award date c. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) d. Identification of whether the award is R&D B. The Department performed a risk assessment for each of the 3 subrecipients selected for testwork. As part of the risk assessment process, a score was given to each subrecipient with corresponded to a particular risk assessment, such as higher or average risk. The Department however does not have a formal risk assessment policy so it was unclear what additional monitoring procedures should have been performed for each subrecipient based upon their assigned risk. C. For 2 of 3 programmatic monitoring reviews selected for testwork, the Department did not tissue its programmatic monitoring reports to the subrecipient timely after the monitoring review was completed. As a result, there was a delay in the subrecipient implementing its corrective action plan to address the findings identified during the programmatic monitoring review. Specifically, we noted the following: a. For 1 of 2 programmatic monitoring reviews, the monitoring review took place on April 14, 2022, but the report to the subrecipient was not issued until September 2022. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until 5 months after the date of that the monitoring review took place b. For 1 of 2 programmatic monitoring reviews, the monitoring review took place on April 12, 2022, but the report to the subrecipient was not issued until July 2022. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until 3 months after the date that the monitoring review took place. D. For all 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy. E. During our testwork over the Department?s review of subrecipient uniform guidance reports, we noted the following: a. The Department does not track the receipt of uniform guidance reports. As a result, we were unable to determine when the uniform guidance reports were received by the Department to ensure they are reviewed timely. Specifically, we noted: i. For 1 of 3 subrecipients, the subrecipient?s uniform guidance appeared to have been reviewed, but as the Department does not track the receipt of uniform guidance reports, it was unclear if it was reviewed timely. We did note based on the date that the uniform guidance report was issued, the management decision letter was not issued within 6 months of the date of the report being issued as required by 2 CRF 200.521 (d). ii. For 2 of 3 subrecipients selected for testwork, we were unable to obtain evidence to support that the Department had obtained and reviewed the subrecipient?s uniform guidance report. F. The Annual Report on Households Assisted by LIHEAP contains data that is specific to benefits paid to eligible participants. The data that is used to compile the annual report is obtained from case data that is reported to the New Hampshire Department of Energy (the Department) from its subrecipients as the Department has entered into grant agreements with third parties who are responsible for the eligibility determination and benefit payment process. As part of our subrecipient monitoring testwork, we were unable to verify that the Department had performed any monitoring procedures over the data provided by each subrecipient to ensure that the data reported within the annual report was complete and accurate. Cause The cause of the condition found was primarily due to insufficient documented subrecipient policies and procedures to ensure that adequate monitoring is performed over subrecipients to align with the risk assessments performed. The monitoring procedures that are in place to not include the completeness and accuracy of the data submitted by the subrecipient utilized to compile federal reports. Further, the Department does not have sufficient internal controls and procedures to ensure results of monitoring visits are performed and results communicated timely to subrecipient or to ensure that subrecipient uniform guidance reports are obtained and reviewed timely. In addition, there are insufficient internal controls in place to review the grant agreements to ensure that all required data elements are communicated to the subrecipient in accordance with 2 CFR section 300.332(b). Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b) and 2 CFR section 200.521. Questioned Costs None. Recommendation We recommend that the Department formalize, policies and procedures and implement the necessary internal controls to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b) and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. A documented risk assessment is performed over all subrecipients and the results of that risk assessment is used to evaluate the types of monitoring procedures that will be performed over the subrecipient including the review of data utilized by the Department to compile federal reports; 3. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. The results of all monitoring reviews should be timely communicated in accordance with the Department?s policies to the subrecipient and actions requiring corrective action plan should be followed up on to ensure that the matter is resolved; and 4. Ensure that all uniform guidance reports are collected and reviewed timely so that a management decision letter can be issued within the time period required by federal regulations. View of Responsible Officials The Department of Energy recognizes the need to include all required information to be communicated to sub-recipients, and that all sub-recipients? risk assessments are thoroughly completed. In addition, uniform guidance reports need to be collected and reviewed to ensure that management letters be issued within the required timeframe. Anticipated Completion Date: Ongoing Contact Person Eileen Smiglowski, NH LIHEAP Administrator
Finding Reference Number: 2022-025 NH Department of Energy Low Income Home Energy Assistance and COVID-19 Low Income Home Energy Assistance (Assistance Listing #93.568) Federal Award Numbers: 2001NHLEA, 2001NHLIE4, 2001NH5C3, 2101NHLIEA, 2101NHE5C6, 2201NHLIEA, 2101NHLIE4 Federal Award Year: 2020, 2021, 2022 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2021-027 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient?s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, Title 45 U.S. Code of Federal Regulation Part 75 (45 CFR section 75), Uniform Administrative Requirements, Cost Principles, and Audit Requirements for HS Awards, section 75.303(a), Internal Controls, states the non-Federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Low-Income Home Energy Assistance program (LIHEAP), the New Hampshire Department of Energy (the Department) enters into grant agreements with local entities to provide services related to the eligibility determination process for the LIHEAP program (including the calculation of participant benefits) and payment of benefits to fuel providers. During the year ended June 30, 2022, $37,990,873 was passed through to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following as of the year ending June 30, 2022: A. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for each of the 3 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Federal Award Identification Number (FAIN) b. Federal award date c. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) d. Identification of whether the award is R&D B. The Department performed a risk assessment for each of the 3 subrecipients selected for testwork. As part of the risk assessment process, a score was given to each subrecipient with corresponded to a particular risk assessment, such as higher or average risk. The Department however does not have a formal risk assessment policy so it was unclear what additional monitoring procedures should have been performed for each subrecipient based upon their assigned risk. C. For 2 of 3 programmatic monitoring reviews selected for testwork, the Department did not tissue its programmatic monitoring reports to the subrecipient timely after the monitoring review was completed. As a result, there was a delay in the subrecipient implementing its corrective action plan to address the findings identified during the programmatic monitoring review. Specifically, we noted the following: a. For 1 of 2 programmatic monitoring reviews, the monitoring review took place on April 14, 2022, but the report to the subrecipient was not issued until September 2022. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until 5 months after the date of that the monitoring review took place b. For 1 of 2 programmatic monitoring reviews, the monitoring review took place on April 12, 2022, but the report to the subrecipient was not issued until July 2022. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until 3 months after the date that the monitoring review took place. D. For all 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy. E. During our testwork over the Department?s review of subrecipient uniform guidance reports, we noted the following: a. The Department does not track the receipt of uniform guidance reports. As a result, we were unable to determine when the uniform guidance reports were received by the Department to ensure they are reviewed timely. Specifically, we noted: i. For 1 of 3 subrecipients, the subrecipient?s uniform guidance appeared to have been reviewed, but as the Department does not track the receipt of uniform guidance reports, it was unclear if it was reviewed timely. We did note based on the date that the uniform guidance report was issued, the management decision letter was not issued within 6 months of the date of the report being issued as required by 2 CRF 200.521 (d). ii. For 2 of 3 subrecipients selected for testwork, we were unable to obtain evidence to support that the Department had obtained and reviewed the subrecipient?s uniform guidance report. F. The Annual Report on Households Assisted by LIHEAP contains data that is specific to benefits paid to eligible participants. The data that is used to compile the annual report is obtained from case data that is reported to the New Hampshire Department of Energy (the Department) from its subrecipients as the Department has entered into grant agreements with third parties who are responsible for the eligibility determination and benefit payment process. As part of our subrecipient monitoring testwork, we were unable to verify that the Department had performed any monitoring procedures over the data provided by each subrecipient to ensure that the data reported within the annual report was complete and accurate. Cause The cause of the condition found was primarily due to insufficient documented subrecipient policies and procedures to ensure that adequate monitoring is performed over subrecipients to align with the risk assessments performed. The monitoring procedures that are in place to not include the completeness and accuracy of the data submitted by the subrecipient utilized to compile federal reports. Further, the Department does not have sufficient internal controls and procedures to ensure results of monitoring visits are performed and results communicated timely to subrecipient or to ensure that subrecipient uniform guidance reports are obtained and reviewed timely. In addition, there are insufficient internal controls in place to review the grant agreements to ensure that all required data elements are communicated to the subrecipient in accordance with 2 CFR section 300.332(b). Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b) and 2 CFR section 200.521. Questioned Costs None. Recommendation We recommend that the Department formalize, policies and procedures and implement the necessary internal controls to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b) and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. A documented risk assessment is performed over all subrecipients and the results of that risk assessment is used to evaluate the types of monitoring procedures that will be performed over the subrecipient including the review of data utilized by the Department to compile federal reports; 3. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. The results of all monitoring reviews should be timely communicated in accordance with the Department?s policies to the subrecipient and actions requiring corrective action plan should be followed up on to ensure that the matter is resolved; and 4. Ensure that all uniform guidance reports are collected and reviewed timely so that a management decision letter can be issued within the time period required by federal regulations. View of Responsible Officials The Department of Energy recognizes the need to include all required information to be communicated to sub-recipients, and that all sub-recipients? risk assessments are thoroughly completed. In addition, uniform guidance reports need to be collected and reviewed to ensure that management letters be issued within the required timeframe. Anticipated Completion Date: Ongoing Contact Person Eileen Smiglowski, NH LIHEAP Administrator
Finding 2022-076 Compliance with Federal Subrecipient Monitoring Requirements The Department receives federal grant funds directly from the federal government for the Highway Planning and Construction Program (Program) and then subgrants, or passes through, a portion of the funds to cities and counties and other organizations that are considered to be either a subrecipient or a contractor. A subrecipient is a non-federal entity that expends federal awards received from a pass-through entity to carry out a federal program, but does not include an individual that is a beneficiary receiving direct payments from such a program. A contractor is a dealer, distributor, merchant, or other seller providing goods or services that are required to conduct a federal program; these goods or services may be for an organization?s own use or for the use of beneficiaries of the federal program. The Department executes an Intergovemental Agreement (IGA) between the Department and the subrecipient. Under Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), the Department is responsible for evaluating each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward and for ultimately ensuring the subrecipient is determined eligible. In some instances, in coordination with the Federal Highway Association (FHWA), a Metropolitan Planning Organization (MPO)? rather than the primary recipient, such as the Department?is responsible for performing eligibility determinations. As such, in those instances, the Department does not perform risk-assessments on these contracts and only is responsible for on-going monitoring. What was the purpose of our audit work and what work was performed? The purpose of the audit work was to determine whether the Department had effective internal controls in place and complied with subrecipient monitoring activities for the Program during Fiscal Year 2022. As part of our audit work, we reviewed the Department?s internal controls over compliance for subrecipient monitoring requirements for the Program, including the Department?s policies and procedures. We tested a random sample of 25 of the Department?s 92 subrecipients (27 percent) for the Program?for which the Department had an IGA in place during Fiscal Year 2022?to determine whether subrecipient monitoring procedures performed by Department staff during the year were compliant with federal regulations. Our testing included evaluating whether the Department performed risk assessments and determined the appropriate level of subrecipient monitoring for the entities, as required by federal Uniform Guidance. How were the results of the audit work measured? Our audit work was designed to measure the Department?s compliance with the following criteria: ? Federal regulations [2 CFR 200.303] state that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? ? Federal regulations [2 CFR 200.332(b)] also state that the Department must evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. ? Federal regulations [2 CFR 200.332(d) through (f)] and [2 CFR 200.521] further require the Department to monitor the activities of its subrecipients, as necessary, to ensure that each subaward is used for authorized purposes, the subrecipient complies with the terms and conditions of the subaward, and that the subrecipient achieves performance goals. The Department?s monitoring must include: o Reviewing financial and programmatic reports submitted by the subrecipient o Following-up on and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award o Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity What problems did the audit work identify? We determined that the Department did not comply with subrecipient monitoring requirements for the Highway Planning and Construction Program during Fiscal Year 2022, as noted below: ? The Department did not perform a risk assessment for 6 of the 25 subrecipients (24 percent) we tested, including subrecipients where eligibility was determined by a MPO. ? The Department improperly included one vendor in our population of subrecipients. The nature of services provided by the vendor was personal services, therefore, did not require the execution of an IGA. ? The Department did not provide supporting documentation for reviews of any Fiscal Year 2022 financial and programmatic reports. As a result, we were unable to determine if any reviews were conducted during the fiscal year, as required. Why did these problems occur? While the Department has created a subrecipient monitoring and risk assessment manual, the manual lacks clarity in a variety of areas, including the following: ? For contracts which extend over multiple fiscal years, the policies do not specify the frequency in which subrecipient risk-assessment should be reviewed or updated. ? There are multiple types of subrecipient contracts for which the full risk-assessment process may not be applicable, however, the current policies do not address acceptable exceptions to the policy. ? The Department?s current policies do not include guidance related to the review of financial and programmatic reports, including the extent to which required programmatic and financial reports should be obtained and reviewed. ? The Department?s policies and procedures do not clearly indicate that the Department is not required to complete a risk assessment when an MPO determines eligibility and therefore the nature of monitoring procedures to be performed is not defined. ? Requested audit documentation was not provided timely. Further, the Department did not provide sufficiently-detailed training to staff to ensure they were aware of and conducted required subrecipient monitoring responsibilities. Why do these problems matter? Performing timely and appropriate monitoring of subrecipients provides the Department with a method to ensure its subrecipients are complying with applicable federal grant requirements. By taking appropriate actions based on the results of its subrecipient monitoring activities, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with program requirements. Overall, the Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table Recommendation 2022-076 The Department of Transportation should strengthen internal controls over and ensure that it complies with federal subrecipient monitoring requirements for the Highway Planning and Construction program by: A. Updating its current subrecipient monitoring and risk assessment policy to clarify the frequency in which a risk assessment is required to be completed or updated, as applicable for contracts that span multiple fiscal years, as well as direction regarding when it is acceptable to forgo performing a risk assessment and updating the policy to address the nature in which subrecipient programmatic and financial reports are reviewed B. Providing training to staff responsible for subrecipient monitoring activities related to the policies updated in Part A of the finding. Response Department of Transportation A. Agree Implementation Date: November 2023 The Department will update the policy to clarify the frequency in which the risk assessment is required to be completed or updated as applicable for contracts that span multiple fiscal years, as well as identifying exceptions, outlining when it is acceptable to forgo risk assessments. The Department will also update the policy to address the nature in which the subrecipient programmatic and financial reports are reviewed. The updates will be completed by November 2023. B. Agree Implementation Date: November 2023 The Department will provide training on the subrecipient monitoring policy manual to outline roles, responsibilities and the frequency of risk assessments that span over multiple fiscal years. The training will also provide guidance on the programmatic and financial information review process.
Finding 2022-076 Compliance with Federal Subrecipient Monitoring Requirements The Department receives federal grant funds directly from the federal government for the Highway Planning and Construction Program (Program) and then subgrants, or passes through, a portion of the funds to cities and counties and other organizations that are considered to be either a subrecipient or a contractor. A subrecipient is a non-federal entity that expends federal awards received from a pass-through entity to carry out a federal program, but does not include an individual that is a beneficiary receiving direct payments from such a program. A contractor is a dealer, distributor, merchant, or other seller providing goods or services that are required to conduct a federal program; these goods or services may be for an organization?s own use or for the use of beneficiaries of the federal program. The Department executes an Intergovemental Agreement (IGA) between the Department and the subrecipient. Under Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), the Department is responsible for evaluating each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward and for ultimately ensuring the subrecipient is determined eligible. In some instances, in coordination with the Federal Highway Association (FHWA), a Metropolitan Planning Organization (MPO)? rather than the primary recipient, such as the Department?is responsible for performing eligibility determinations. As such, in those instances, the Department does not perform risk-assessments on these contracts and only is responsible for on-going monitoring. What was the purpose of our audit work and what work was performed? The purpose of the audit work was to determine whether the Department had effective internal controls in place and complied with subrecipient monitoring activities for the Program during Fiscal Year 2022. As part of our audit work, we reviewed the Department?s internal controls over compliance for subrecipient monitoring requirements for the Program, including the Department?s policies and procedures. We tested a random sample of 25 of the Department?s 92 subrecipients (27 percent) for the Program?for which the Department had an IGA in place during Fiscal Year 2022?to determine whether subrecipient monitoring procedures performed by Department staff during the year were compliant with federal regulations. Our testing included evaluating whether the Department performed risk assessments and determined the appropriate level of subrecipient monitoring for the entities, as required by federal Uniform Guidance. How were the results of the audit work measured? Our audit work was designed to measure the Department?s compliance with the following criteria: ? Federal regulations [2 CFR 200.303] state that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? ? Federal regulations [2 CFR 200.332(b)] also state that the Department must evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. ? Federal regulations [2 CFR 200.332(d) through (f)] and [2 CFR 200.521] further require the Department to monitor the activities of its subrecipients, as necessary, to ensure that each subaward is used for authorized purposes, the subrecipient complies with the terms and conditions of the subaward, and that the subrecipient achieves performance goals. The Department?s monitoring must include: o Reviewing financial and programmatic reports submitted by the subrecipient o Following-up on and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award o Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity What problems did the audit work identify? We determined that the Department did not comply with subrecipient monitoring requirements for the Highway Planning and Construction Program during Fiscal Year 2022, as noted below: ? The Department did not perform a risk assessment for 6 of the 25 subrecipients (24 percent) we tested, including subrecipients where eligibility was determined by a MPO. ? The Department improperly included one vendor in our population of subrecipients. The nature of services provided by the vendor was personal services, therefore, did not require the execution of an IGA. ? The Department did not provide supporting documentation for reviews of any Fiscal Year 2022 financial and programmatic reports. As a result, we were unable to determine if any reviews were conducted during the fiscal year, as required. Why did these problems occur? While the Department has created a subrecipient monitoring and risk assessment manual, the manual lacks clarity in a variety of areas, including the following: ? For contracts which extend over multiple fiscal years, the policies do not specify the frequency in which subrecipient risk-assessment should be reviewed or updated. ? There are multiple types of subrecipient contracts for which the full risk-assessment process may not be applicable, however, the current policies do not address acceptable exceptions to the policy. ? The Department?s current policies do not include guidance related to the review of financial and programmatic reports, including the extent to which required programmatic and financial reports should be obtained and reviewed. ? The Department?s policies and procedures do not clearly indicate that the Department is not required to complete a risk assessment when an MPO determines eligibility and therefore the nature of monitoring procedures to be performed is not defined. ? Requested audit documentation was not provided timely. Further, the Department did not provide sufficiently-detailed training to staff to ensure they were aware of and conducted required subrecipient monitoring responsibilities. Why do these problems matter? Performing timely and appropriate monitoring of subrecipients provides the Department with a method to ensure its subrecipients are complying with applicable federal grant requirements. By taking appropriate actions based on the results of its subrecipient monitoring activities, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with program requirements. Overall, the Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table Recommendation 2022-076 The Department of Transportation should strengthen internal controls over and ensure that it complies with federal subrecipient monitoring requirements for the Highway Planning and Construction program by: A. Updating its current subrecipient monitoring and risk assessment policy to clarify the frequency in which a risk assessment is required to be completed or updated, as applicable for contracts that span multiple fiscal years, as well as direction regarding when it is acceptable to forgo performing a risk assessment and updating the policy to address the nature in which subrecipient programmatic and financial reports are reviewed B. Providing training to staff responsible for subrecipient monitoring activities related to the policies updated in Part A of the finding. Response Department of Transportation A. Agree Implementation Date: November 2023 The Department will update the policy to clarify the frequency in which the risk assessment is required to be completed or updated as applicable for contracts that span multiple fiscal years, as well as identifying exceptions, outlining when it is acceptable to forgo risk assessments. The Department will also update the policy to address the nature in which the subrecipient programmatic and financial reports are reviewed. The updates will be completed by November 2023. B. Agree Implementation Date: November 2023 The Department will provide training on the subrecipient monitoring policy manual to outline roles, responsibilities and the frequency of risk assessments that span over multiple fiscal years. The training will also provide guidance on the programmatic and financial information review process.
Finding 2022-076 Compliance with Federal Subrecipient Monitoring Requirements The Department receives federal grant funds directly from the federal government for the Highway Planning and Construction Program (Program) and then subgrants, or passes through, a portion of the funds to cities and counties and other organizations that are considered to be either a subrecipient or a contractor. A subrecipient is a non-federal entity that expends federal awards received from a pass-through entity to carry out a federal program, but does not include an individual that is a beneficiary receiving direct payments from such a program. A contractor is a dealer, distributor, merchant, or other seller providing goods or services that are required to conduct a federal program; these goods or services may be for an organization?s own use or for the use of beneficiaries of the federal program. The Department executes an Intergovemental Agreement (IGA) between the Department and the subrecipient. Under Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), the Department is responsible for evaluating each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward and for ultimately ensuring the subrecipient is determined eligible. In some instances, in coordination with the Federal Highway Association (FHWA), a Metropolitan Planning Organization (MPO)? rather than the primary recipient, such as the Department?is responsible for performing eligibility determinations. As such, in those instances, the Department does not perform risk-assessments on these contracts and only is responsible for on-going monitoring. What was the purpose of our audit work and what work was performed? The purpose of the audit work was to determine whether the Department had effective internal controls in place and complied with subrecipient monitoring activities for the Program during Fiscal Year 2022. As part of our audit work, we reviewed the Department?s internal controls over compliance for subrecipient monitoring requirements for the Program, including the Department?s policies and procedures. We tested a random sample of 25 of the Department?s 92 subrecipients (27 percent) for the Program?for which the Department had an IGA in place during Fiscal Year 2022?to determine whether subrecipient monitoring procedures performed by Department staff during the year were compliant with federal regulations. Our testing included evaluating whether the Department performed risk assessments and determined the appropriate level of subrecipient monitoring for the entities, as required by federal Uniform Guidance. How were the results of the audit work measured? Our audit work was designed to measure the Department?s compliance with the following criteria: ? Federal regulations [2 CFR 200.303] state that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? ? Federal regulations [2 CFR 200.332(b)] also state that the Department must evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. ? Federal regulations [2 CFR 200.332(d) through (f)] and [2 CFR 200.521] further require the Department to monitor the activities of its subrecipients, as necessary, to ensure that each subaward is used for authorized purposes, the subrecipient complies with the terms and conditions of the subaward, and that the subrecipient achieves performance goals. The Department?s monitoring must include: o Reviewing financial and programmatic reports submitted by the subrecipient o Following-up on and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award o Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity What problems did the audit work identify? We determined that the Department did not comply with subrecipient monitoring requirements for the Highway Planning and Construction Program during Fiscal Year 2022, as noted below: ? The Department did not perform a risk assessment for 6 of the 25 subrecipients (24 percent) we tested, including subrecipients where eligibility was determined by a MPO. ? The Department improperly included one vendor in our population of subrecipients. The nature of services provided by the vendor was personal services, therefore, did not require the execution of an IGA. ? The Department did not provide supporting documentation for reviews of any Fiscal Year 2022 financial and programmatic reports. As a result, we were unable to determine if any reviews were conducted during the fiscal year, as required. Why did these problems occur? While the Department has created a subrecipient monitoring and risk assessment manual, the manual lacks clarity in a variety of areas, including the following: ? For contracts which extend over multiple fiscal years, the policies do not specify the frequency in which subrecipient risk-assessment should be reviewed or updated. ? There are multiple types of subrecipient contracts for which the full risk-assessment process may not be applicable, however, the current policies do not address acceptable exceptions to the policy. ? The Department?s current policies do not include guidance related to the review of financial and programmatic reports, including the extent to which required programmatic and financial reports should be obtained and reviewed. ? The Department?s policies and procedures do not clearly indicate that the Department is not required to complete a risk assessment when an MPO determines eligibility and therefore the nature of monitoring procedures to be performed is not defined. ? Requested audit documentation was not provided timely. Further, the Department did not provide sufficiently-detailed training to staff to ensure they were aware of and conducted required subrecipient monitoring responsibilities. Why do these problems matter? Performing timely and appropriate monitoring of subrecipients provides the Department with a method to ensure its subrecipients are complying with applicable federal grant requirements. By taking appropriate actions based on the results of its subrecipient monitoring activities, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with program requirements. Overall, the Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table Recommendation 2022-076 The Department of Transportation should strengthen internal controls over and ensure that it complies with federal subrecipient monitoring requirements for the Highway Planning and Construction program by: A. Updating its current subrecipient monitoring and risk assessment policy to clarify the frequency in which a risk assessment is required to be completed or updated, as applicable for contracts that span multiple fiscal years, as well as direction regarding when it is acceptable to forgo performing a risk assessment and updating the policy to address the nature in which subrecipient programmatic and financial reports are reviewed B. Providing training to staff responsible for subrecipient monitoring activities related to the policies updated in Part A of the finding. Response Department of Transportation A. Agree Implementation Date: November 2023 The Department will update the policy to clarify the frequency in which the risk assessment is required to be completed or updated as applicable for contracts that span multiple fiscal years, as well as identifying exceptions, outlining when it is acceptable to forgo risk assessments. The Department will also update the policy to address the nature in which the subrecipient programmatic and financial reports are reviewed. The updates will be completed by November 2023. B. Agree Implementation Date: November 2023 The Department will provide training on the subrecipient monitoring policy manual to outline roles, responsibilities and the frequency of risk assessments that span over multiple fiscal years. The training will also provide guidance on the programmatic and financial information review process.
Finding 2022-076 Compliance with Federal Subrecipient Monitoring Requirements The Department receives federal grant funds directly from the federal government for the Highway Planning and Construction Program (Program) and then subgrants, or passes through, a portion of the funds to cities and counties and other organizations that are considered to be either a subrecipient or a contractor. A subrecipient is a non-federal entity that expends federal awards received from a pass-through entity to carry out a federal program, but does not include an individual that is a beneficiary receiving direct payments from such a program. A contractor is a dealer, distributor, merchant, or other seller providing goods or services that are required to conduct a federal program; these goods or services may be for an organization?s own use or for the use of beneficiaries of the federal program. The Department executes an Intergovemental Agreement (IGA) between the Department and the subrecipient. Under Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), the Department is responsible for evaluating each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward and for ultimately ensuring the subrecipient is determined eligible. In some instances, in coordination with the Federal Highway Association (FHWA), a Metropolitan Planning Organization (MPO)? rather than the primary recipient, such as the Department?is responsible for performing eligibility determinations. As such, in those instances, the Department does not perform risk-assessments on these contracts and only is responsible for on-going monitoring. What was the purpose of our audit work and what work was performed? The purpose of the audit work was to determine whether the Department had effective internal controls in place and complied with subrecipient monitoring activities for the Program during Fiscal Year 2022. As part of our audit work, we reviewed the Department?s internal controls over compliance for subrecipient monitoring requirements for the Program, including the Department?s policies and procedures. We tested a random sample of 25 of the Department?s 92 subrecipients (27 percent) for the Program?for which the Department had an IGA in place during Fiscal Year 2022?to determine whether subrecipient monitoring procedures performed by Department staff during the year were compliant with federal regulations. Our testing included evaluating whether the Department performed risk assessments and determined the appropriate level of subrecipient monitoring for the entities, as required by federal Uniform Guidance. How were the results of the audit work measured? Our audit work was designed to measure the Department?s compliance with the following criteria: ? Federal regulations [2 CFR 200.303] state that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? ? Federal regulations [2 CFR 200.332(b)] also state that the Department must evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. ? Federal regulations [2 CFR 200.332(d) through (f)] and [2 CFR 200.521] further require the Department to monitor the activities of its subrecipients, as necessary, to ensure that each subaward is used for authorized purposes, the subrecipient complies with the terms and conditions of the subaward, and that the subrecipient achieves performance goals. The Department?s monitoring must include: o Reviewing financial and programmatic reports submitted by the subrecipient o Following-up on and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award o Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity What problems did the audit work identify? We determined that the Department did not comply with subrecipient monitoring requirements for the Highway Planning and Construction Program during Fiscal Year 2022, as noted below: ? The Department did not perform a risk assessment for 6 of the 25 subrecipients (24 percent) we tested, including subrecipients where eligibility was determined by a MPO. ? The Department improperly included one vendor in our population of subrecipients. The nature of services provided by the vendor was personal services, therefore, did not require the execution of an IGA. ? The Department did not provide supporting documentation for reviews of any Fiscal Year 2022 financial and programmatic reports. As a result, we were unable to determine if any reviews were conducted during the fiscal year, as required. Why did these problems occur? While the Department has created a subrecipient monitoring and risk assessment manual, the manual lacks clarity in a variety of areas, including the following: ? For contracts which extend over multiple fiscal years, the policies do not specify the frequency in which subrecipient risk-assessment should be reviewed or updated. ? There are multiple types of subrecipient contracts for which the full risk-assessment process may not be applicable, however, the current policies do not address acceptable exceptions to the policy. ? The Department?s current policies do not include guidance related to the review of financial and programmatic reports, including the extent to which required programmatic and financial reports should be obtained and reviewed. ? The Department?s policies and procedures do not clearly indicate that the Department is not required to complete a risk assessment when an MPO determines eligibility and therefore the nature of monitoring procedures to be performed is not defined. ? Requested audit documentation was not provided timely. Further, the Department did not provide sufficiently-detailed training to staff to ensure they were aware of and conducted required subrecipient monitoring responsibilities. Why do these problems matter? Performing timely and appropriate monitoring of subrecipients provides the Department with a method to ensure its subrecipients are complying with applicable federal grant requirements. By taking appropriate actions based on the results of its subrecipient monitoring activities, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with program requirements. Overall, the Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table Recommendation 2022-076 The Department of Transportation should strengthen internal controls over and ensure that it complies with federal subrecipient monitoring requirements for the Highway Planning and Construction program by: A. Updating its current subrecipient monitoring and risk assessment policy to clarify the frequency in which a risk assessment is required to be completed or updated, as applicable for contracts that span multiple fiscal years, as well as direction regarding when it is acceptable to forgo performing a risk assessment and updating the policy to address the nature in which subrecipient programmatic and financial reports are reviewed B. Providing training to staff responsible for subrecipient monitoring activities related to the policies updated in Part A of the finding. Response Department of Transportation A. Agree Implementation Date: November 2023 The Department will update the policy to clarify the frequency in which the risk assessment is required to be completed or updated as applicable for contracts that span multiple fiscal years, as well as identifying exceptions, outlining when it is acceptable to forgo risk assessments. The Department will also update the policy to address the nature in which the subrecipient programmatic and financial reports are reviewed. The updates will be completed by November 2023. B. Agree Implementation Date: November 2023 The Department will provide training on the subrecipient monitoring policy manual to outline roles, responsibilities and the frequency of risk assessments that span over multiple fiscal years. The training will also provide guidance on the programmatic and financial information review process.
Finding 2022-076 Compliance with Federal Subrecipient Monitoring Requirements The Department receives federal grant funds directly from the federal government for the Highway Planning and Construction Program (Program) and then subgrants, or passes through, a portion of the funds to cities and counties and other organizations that are considered to be either a subrecipient or a contractor. A subrecipient is a non-federal entity that expends federal awards received from a pass-through entity to carry out a federal program, but does not include an individual that is a beneficiary receiving direct payments from such a program. A contractor is a dealer, distributor, merchant, or other seller providing goods or services that are required to conduct a federal program; these goods or services may be for an organization?s own use or for the use of beneficiaries of the federal program. The Department executes an Intergovemental Agreement (IGA) between the Department and the subrecipient. Under Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), the Department is responsible for evaluating each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward and for ultimately ensuring the subrecipient is determined eligible. In some instances, in coordination with the Federal Highway Association (FHWA), a Metropolitan Planning Organization (MPO)? rather than the primary recipient, such as the Department?is responsible for performing eligibility determinations. As such, in those instances, the Department does not perform risk-assessments on these contracts and only is responsible for on-going monitoring. What was the purpose of our audit work and what work was performed? The purpose of the audit work was to determine whether the Department had effective internal controls in place and complied with subrecipient monitoring activities for the Program during Fiscal Year 2022. As part of our audit work, we reviewed the Department?s internal controls over compliance for subrecipient monitoring requirements for the Program, including the Department?s policies and procedures. We tested a random sample of 25 of the Department?s 92 subrecipients (27 percent) for the Program?for which the Department had an IGA in place during Fiscal Year 2022?to determine whether subrecipient monitoring procedures performed by Department staff during the year were compliant with federal regulations. Our testing included evaluating whether the Department performed risk assessments and determined the appropriate level of subrecipient monitoring for the entities, as required by federal Uniform Guidance. How were the results of the audit work measured? Our audit work was designed to measure the Department?s compliance with the following criteria: ? Federal regulations [2 CFR 200.303] state that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? ? Federal regulations [2 CFR 200.332(b)] also state that the Department must evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. ? Federal regulations [2 CFR 200.332(d) through (f)] and [2 CFR 200.521] further require the Department to monitor the activities of its subrecipients, as necessary, to ensure that each subaward is used for authorized purposes, the subrecipient complies with the terms and conditions of the subaward, and that the subrecipient achieves performance goals. The Department?s monitoring must include: o Reviewing financial and programmatic reports submitted by the subrecipient o Following-up on and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award o Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity What problems did the audit work identify? We determined that the Department did not comply with subrecipient monitoring requirements for the Highway Planning and Construction Program during Fiscal Year 2022, as noted below: ? The Department did not perform a risk assessment for 6 of the 25 subrecipients (24 percent) we tested, including subrecipients where eligibility was determined by a MPO. ? The Department improperly included one vendor in our population of subrecipients. The nature of services provided by the vendor was personal services, therefore, did not require the execution of an IGA. ? The Department did not provide supporting documentation for reviews of any Fiscal Year 2022 financial and programmatic reports. As a result, we were unable to determine if any reviews were conducted during the fiscal year, as required. Why did these problems occur? While the Department has created a subrecipient monitoring and risk assessment manual, the manual lacks clarity in a variety of areas, including the following: ? For contracts which extend over multiple fiscal years, the policies do not specify the frequency in which subrecipient risk-assessment should be reviewed or updated. ? There are multiple types of subrecipient contracts for which the full risk-assessment process may not be applicable, however, the current policies do not address acceptable exceptions to the policy. ? The Department?s current policies do not include guidance related to the review of financial and programmatic reports, including the extent to which required programmatic and financial reports should be obtained and reviewed. ? The Department?s policies and procedures do not clearly indicate that the Department is not required to complete a risk assessment when an MPO determines eligibility and therefore the nature of monitoring procedures to be performed is not defined. ? Requested audit documentation was not provided timely. Further, the Department did not provide sufficiently-detailed training to staff to ensure they were aware of and conducted required subrecipient monitoring responsibilities. Why do these problems matter? Performing timely and appropriate monitoring of subrecipients provides the Department with a method to ensure its subrecipients are complying with applicable federal grant requirements. By taking appropriate actions based on the results of its subrecipient monitoring activities, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with program requirements. Overall, the Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table Recommendation 2022-076 The Department of Transportation should strengthen internal controls over and ensure that it complies with federal subrecipient monitoring requirements for the Highway Planning and Construction program by: A. Updating its current subrecipient monitoring and risk assessment policy to clarify the frequency in which a risk assessment is required to be completed or updated, as applicable for contracts that span multiple fiscal years, as well as direction regarding when it is acceptable to forgo performing a risk assessment and updating the policy to address the nature in which subrecipient programmatic and financial reports are reviewed B. Providing training to staff responsible for subrecipient monitoring activities related to the policies updated in Part A of the finding. Response Department of Transportation A. Agree Implementation Date: November 2023 The Department will update the policy to clarify the frequency in which the risk assessment is required to be completed or updated as applicable for contracts that span multiple fiscal years, as well as identifying exceptions, outlining when it is acceptable to forgo risk assessments. The Department will also update the policy to address the nature in which the subrecipient programmatic and financial reports are reviewed. The updates will be completed by November 2023. B. Agree Implementation Date: November 2023 The Department will provide training on the subrecipient monitoring policy manual to outline roles, responsibilities and the frequency of risk assessments that span over multiple fiscal years. The training will also provide guidance on the programmatic and financial information review process.
The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department of Transportation (Department) in the previous year and has not been remediated as of June 30, 2022 because the original implementation date provided by the Department was in a subsequent fiscal year. This complete finding and recommendation can be found within the original report and the complete recommendation can be found within Section IV: Prior Audit Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table Finding 2021-068 The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department in the previous year and has not been remediated as of June 30, 2021, because the original implementation date provided by the Department is in a subsequent fiscal year. This complete finding and recommendation can be found in the original report and Section III: Prior Federal Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table. Finding 2020-075 FORMULA GRANTS FOR RURAL AREAS?INTERNAL CONTROLS AND COMPLIANCE WITH SUBRECIPIENT MONITORING The Department received funding from the Federal Transit Authority (FTA) for the Program during Fiscal Year 2020 and expended approximately $26.8 million under the Program; the expenditures included approximately $16.9 million from the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The objective of this Program is to initiate, improve, or continue public transportation services in rural areas. FTA provides financial and technical assistance to local public transit systems, including buses, subways, light rail, commuter rail, trolleys, and ferries. FTA also oversees safety measures and helps develop next-generation technology research. Approximately $26.0 million (97 percent) of the Program funds expended by the Department were passed through to subrecipients in order to carry out a portion of the Program. WHAT WAS THE PURPOSE OF OUR AUDIT WORK AND WHAT WORK WAS PERFORMED? The purpose of the audit work was to determine whether the Department had effective internal controls in place during Fiscal Year 2020 over the Program, and complied with the Program?s subrecipient monitoring activities. As part of our audit work, we reviewed the Department?s internal controls over compliance for the Program?s subrecipient monitoring. In addition, we tested a random sample of five of 45 Program subrecipients for Fiscal Year 2020 to determine whether the subrecipient monitoring procedures the Department performed during the year were compliant with federal requirements. HOW WERE THE RESULTS OF THE AUDIT WORK MEASURED? Our audit work was designed to measure the results of compliance with the following criteria: ? Federal regulations [2 CFR 200.332(b)] require that the Department evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. Federal regulations [2 CFR 200.332(d)-(f)] also require the Department to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. Monitoring must include: ? Reviewing financial and programmatic reports. ? Following up and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award. ? Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity, as required by 2 CFR 200.521. ? Federal regulation [2 CFR 200.303] states that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? The Department?s internal control policies and procedures require the Internal Audit Division to obtain and review single audit certification forms, whereby subrecipients are required to certify whether they are subject to a Single Audit. Internal Audit Division staff are required to review each certification and related Single Audit report, as applicable, and perform follow-up activities related to deficiencies and audit findings. ? Additionally, the Department is required to report the total amount of federal awards expended to the Office of the State Controller (OSC) via the Exhibit K1, Schedule of Federal Assistance. The Exhibit K1 is the document through which state departments report federal expenditure information to the OSC, including separate columns to indicate types of expenditures, for statewide compilation and reporting. WHAT PROBLEMS DID THE AUDIT WORK IDENTIFY? We identified issues related to two of the five (40 percent) Program subrecipients identified by the Department for Fiscal Year 2020 as follows: ? The Department did not take sufficient steps to address one subrecipient?s failure to obtain a 2019 Single Audit. Specifically, the subrecipient received approximately $78,500 in pass-through Program funding from the Department and communicated to the Department in its single audit certification for the year ending December 31, 2019, that it was subject to a Single Audit; however, that audit had not been conducted as of the completion of our Fiscal Year 2020 audit testwork in April 2021. While it appeared that the Department communicated various times with the subrecipient about the missing audit, the Department did not assess possible impacts from the missing audit or take any action to institute alternate monitoring procedures of the subrecipient. ? For the second subrecipient tested, the Department inappropriately considered the entity to be a subrecipient rather than a vendor and incorrectly reported $20,936 in funds paid to the entity as subrecipient expenditures on its Exhibit K1 submitted to the OSC. WHY DID THESE PROBLEMS OCCUR? The Department?s subrecipient policies and procedures are voluminous and performed throughout multiple divisions within the Department. Therefore, the results of monitoring procedures performed are documented in various areas and not contained in one central location. The Department also does not have policies and procedures in place to identify appropriate actions to be taken when issues are identified. In addition, the Department lacks a process for analyzing the types of entities it is contracting with for the Program in order to separately identify the entities as vendors or subrecipients; rather, staff indicated that, during the contracting process, all contract expenditures related to this Program are recorded as subrecipient expenditures, including service-related or vendor contracts. WHY DO THESE PROBLEMS MATTER? Performing timely and appropriate identification and monitoring of subrecipients, including ensuring that they undergo required Single Audits, provides the Department with a method to identify federal grant-related issues and to ensure its compliance with federal subrecipient monitoring requirements. By taking appropriate actions to address the results of its monitoring, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with Program requirements. This is particularly important because the Department passes 97 percent of these Program funds to subrecipients. The Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table RECOMMENDATION 2020-075 The Department of Transportation (Department) should ensure that it improves its internal controls over, and complies with, federal Formula Grants for Rural Areas and Tribal Transit Program requirements for subrecipient monitoring by: A Ensuring that subrecipient monitoring policies and procedures are centralized, condensed, and available to all personnel who are responsible for performing subrecipient monitoring activities. The policies and procedures should clearly list responsibilities for each division within the Department and be inclusive of all monitoring activities performed and contain clear directives for acting on subrecipients? failure to comply with requirements, including providing its single audit report, by assessing possible impacts from the noncompliance and instituting appropriate alternative procedures. B Implementing a process for analyzing its contracted entities during the contracting and awarding process by reviewing the nature and terms of contracts, separately identifying the contracted entities as vendors or subrecipients, and recording the contract expenditures appropriately based on this assessment. RESPONSE DEPARTMENT OF TRANSPORTATION A AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include identifying a centralized location for all policies and procedures related to subrecipient monitoring. We will look at all policies and procedures to ensure they clearly identify responsibilities and requirements for non-compliance. B AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include establishing a process by which an analysis of contracted entities will be performed to identify and properly record entities as a vendor or subrecipient.
The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department of Transportation (Department) in the previous year and has not been remediated as of June 30, 2022 because the original implementation date provided by the Department was in a subsequent fiscal year. This complete finding and recommendation can be found within the original report and the complete recommendation can be found within Section IV: Prior Audit Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table Finding 2021-068 The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department in the previous year and has not been remediated as of June 30, 2021, because the original implementation date provided by the Department is in a subsequent fiscal year. This complete finding and recommendation can be found in the original report and Section III: Prior Federal Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table. Finding 2020-075 FORMULA GRANTS FOR RURAL AREAS?INTERNAL CONTROLS AND COMPLIANCE WITH SUBRECIPIENT MONITORING The Department received funding from the Federal Transit Authority (FTA) for the Program during Fiscal Year 2020 and expended approximately $26.8 million under the Program; the expenditures included approximately $16.9 million from the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The objective of this Program is to initiate, improve, or continue public transportation services in rural areas. FTA provides financial and technical assistance to local public transit systems, including buses, subways, light rail, commuter rail, trolleys, and ferries. FTA also oversees safety measures and helps develop next-generation technology research. Approximately $26.0 million (97 percent) of the Program funds expended by the Department were passed through to subrecipients in order to carry out a portion of the Program. WHAT WAS THE PURPOSE OF OUR AUDIT WORK AND WHAT WORK WAS PERFORMED? The purpose of the audit work was to determine whether the Department had effective internal controls in place during Fiscal Year 2020 over the Program, and complied with the Program?s subrecipient monitoring activities. As part of our audit work, we reviewed the Department?s internal controls over compliance for the Program?s subrecipient monitoring. In addition, we tested a random sample of five of 45 Program subrecipients for Fiscal Year 2020 to determine whether the subrecipient monitoring procedures the Department performed during the year were compliant with federal requirements. HOW WERE THE RESULTS OF THE AUDIT WORK MEASURED? Our audit work was designed to measure the results of compliance with the following criteria: ? Federal regulations [2 CFR 200.332(b)] require that the Department evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. Federal regulations [2 CFR 200.332(d)-(f)] also require the Department to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. Monitoring must include: ? Reviewing financial and programmatic reports. ? Following up and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award. ? Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity, as required by 2 CFR 200.521. ? Federal regulation [2 CFR 200.303] states that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? The Department?s internal control policies and procedures require the Internal Audit Division to obtain and review single audit certification forms, whereby subrecipients are required to certify whether they are subject to a Single Audit. Internal Audit Division staff are required to review each certification and related Single Audit report, as applicable, and perform follow-up activities related to deficiencies and audit findings. ? Additionally, the Department is required to report the total amount of federal awards expended to the Office of the State Controller (OSC) via the Exhibit K1, Schedule of Federal Assistance. The Exhibit K1 is the document through which state departments report federal expenditure information to the OSC, including separate columns to indicate types of expenditures, for statewide compilation and reporting. WHAT PROBLEMS DID THE AUDIT WORK IDENTIFY? We identified issues related to two of the five (40 percent) Program subrecipients identified by the Department for Fiscal Year 2020 as follows: ? The Department did not take sufficient steps to address one subrecipient?s failure to obtain a 2019 Single Audit. Specifically, the subrecipient received approximately $78,500 in pass-through Program funding from the Department and communicated to the Department in its single audit certification for the year ending December 31, 2019, that it was subject to a Single Audit; however, that audit had not been conducted as of the completion of our Fiscal Year 2020 audit testwork in April 2021. While it appeared that the Department communicated various times with the subrecipient about the missing audit, the Department did not assess possible impacts from the missing audit or take any action to institute alternate monitoring procedures of the subrecipient. ? For the second subrecipient tested, the Department inappropriately considered the entity to be a subrecipient rather than a vendor and incorrectly reported $20,936 in funds paid to the entity as subrecipient expenditures on its Exhibit K1 submitted to the OSC. WHY DID THESE PROBLEMS OCCUR? The Department?s subrecipient policies and procedures are voluminous and performed throughout multiple divisions within the Department. Therefore, the results of monitoring procedures performed are documented in various areas and not contained in one central location. The Department also does not have policies and procedures in place to identify appropriate actions to be taken when issues are identified. In addition, the Department lacks a process for analyzing the types of entities it is contracting with for the Program in order to separately identify the entities as vendors or subrecipients; rather, staff indicated that, during the contracting process, all contract expenditures related to this Program are recorded as subrecipient expenditures, including service-related or vendor contracts. WHY DO THESE PROBLEMS MATTER? Performing timely and appropriate identification and monitoring of subrecipients, including ensuring that they undergo required Single Audits, provides the Department with a method to identify federal grant-related issues and to ensure its compliance with federal subrecipient monitoring requirements. By taking appropriate actions to address the results of its monitoring, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with Program requirements. This is particularly important because the Department passes 97 percent of these Program funds to subrecipients. The Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table RECOMMENDATION 2020-075 The Department of Transportation (Department) should ensure that it improves its internal controls over, and complies with, federal Formula Grants for Rural Areas and Tribal Transit Program requirements for subrecipient monitoring by: A Ensuring that subrecipient monitoring policies and procedures are centralized, condensed, and available to all personnel who are responsible for performing subrecipient monitoring activities. The policies and procedures should clearly list responsibilities for each division within the Department and be inclusive of all monitoring activities performed and contain clear directives for acting on subrecipients? failure to comply with requirements, including providing its single audit report, by assessing possible impacts from the noncompliance and instituting appropriate alternative procedures. B Implementing a process for analyzing its contracted entities during the contracting and awarding process by reviewing the nature and terms of contracts, separately identifying the contracted entities as vendors or subrecipients, and recording the contract expenditures appropriately based on this assessment. RESPONSE DEPARTMENT OF TRANSPORTATION A AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include identifying a centralized location for all policies and procedures related to subrecipient monitoring. We will look at all policies and procedures to ensure they clearly identify responsibilities and requirements for non-compliance. B AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include establishing a process by which an analysis of contracted entities will be performed to identify and properly record entities as a vendor or subrecipient.
The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department of Transportation (Department) in the previous year and has not been remediated as of June 30, 2022 because the original implementation date provided by the Department was in a subsequent fiscal year. This complete finding and recommendation can be found within the original report and the complete recommendation can be found within Section IV: Prior Audit Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table Finding 2021-068 The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department in the previous year and has not been remediated as of June 30, 2021, because the original implementation date provided by the Department is in a subsequent fiscal year. This complete finding and recommendation can be found in the original report and Section III: Prior Federal Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table. Finding 2020-075 FORMULA GRANTS FOR RURAL AREAS?INTERNAL CONTROLS AND COMPLIANCE WITH SUBRECIPIENT MONITORING The Department received funding from the Federal Transit Authority (FTA) for the Program during Fiscal Year 2020 and expended approximately $26.8 million under the Program; the expenditures included approximately $16.9 million from the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The objective of this Program is to initiate, improve, or continue public transportation services in rural areas. FTA provides financial and technical assistance to local public transit systems, including buses, subways, light rail, commuter rail, trolleys, and ferries. FTA also oversees safety measures and helps develop next-generation technology research. Approximately $26.0 million (97 percent) of the Program funds expended by the Department were passed through to subrecipients in order to carry out a portion of the Program. WHAT WAS THE PURPOSE OF OUR AUDIT WORK AND WHAT WORK WAS PERFORMED? The purpose of the audit work was to determine whether the Department had effective internal controls in place during Fiscal Year 2020 over the Program, and complied with the Program?s subrecipient monitoring activities. As part of our audit work, we reviewed the Department?s internal controls over compliance for the Program?s subrecipient monitoring. In addition, we tested a random sample of five of 45 Program subrecipients for Fiscal Year 2020 to determine whether the subrecipient monitoring procedures the Department performed during the year were compliant with federal requirements. HOW WERE THE RESULTS OF THE AUDIT WORK MEASURED? Our audit work was designed to measure the results of compliance with the following criteria: ? Federal regulations [2 CFR 200.332(b)] require that the Department evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. Federal regulations [2 CFR 200.332(d)-(f)] also require the Department to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. Monitoring must include: ? Reviewing financial and programmatic reports. ? Following up and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award. ? Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity, as required by 2 CFR 200.521. ? Federal regulation [2 CFR 200.303] states that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? The Department?s internal control policies and procedures require the Internal Audit Division to obtain and review single audit certification forms, whereby subrecipients are required to certify whether they are subject to a Single Audit. Internal Audit Division staff are required to review each certification and related Single Audit report, as applicable, and perform follow-up activities related to deficiencies and audit findings. ? Additionally, the Department is required to report the total amount of federal awards expended to the Office of the State Controller (OSC) via the Exhibit K1, Schedule of Federal Assistance. The Exhibit K1 is the document through which state departments report federal expenditure information to the OSC, including separate columns to indicate types of expenditures, for statewide compilation and reporting. WHAT PROBLEMS DID THE AUDIT WORK IDENTIFY? We identified issues related to two of the five (40 percent) Program subrecipients identified by the Department for Fiscal Year 2020 as follows: ? The Department did not take sufficient steps to address one subrecipient?s failure to obtain a 2019 Single Audit. Specifically, the subrecipient received approximately $78,500 in pass-through Program funding from the Department and communicated to the Department in its single audit certification for the year ending December 31, 2019, that it was subject to a Single Audit; however, that audit had not been conducted as of the completion of our Fiscal Year 2020 audit testwork in April 2021. While it appeared that the Department communicated various times with the subrecipient about the missing audit, the Department did not assess possible impacts from the missing audit or take any action to institute alternate monitoring procedures of the subrecipient. ? For the second subrecipient tested, the Department inappropriately considered the entity to be a subrecipient rather than a vendor and incorrectly reported $20,936 in funds paid to the entity as subrecipient expenditures on its Exhibit K1 submitted to the OSC. WHY DID THESE PROBLEMS OCCUR? The Department?s subrecipient policies and procedures are voluminous and performed throughout multiple divisions within the Department. Therefore, the results of monitoring procedures performed are documented in various areas and not contained in one central location. The Department also does not have policies and procedures in place to identify appropriate actions to be taken when issues are identified. In addition, the Department lacks a process for analyzing the types of entities it is contracting with for the Program in order to separately identify the entities as vendors or subrecipients; rather, staff indicated that, during the contracting process, all contract expenditures related to this Program are recorded as subrecipient expenditures, including service-related or vendor contracts. WHY DO THESE PROBLEMS MATTER? Performing timely and appropriate identification and monitoring of subrecipients, including ensuring that they undergo required Single Audits, provides the Department with a method to identify federal grant-related issues and to ensure its compliance with federal subrecipient monitoring requirements. By taking appropriate actions to address the results of its monitoring, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with Program requirements. This is particularly important because the Department passes 97 percent of these Program funds to subrecipients. The Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table RECOMMENDATION 2020-075 The Department of Transportation (Department) should ensure that it improves its internal controls over, and complies with, federal Formula Grants for Rural Areas and Tribal Transit Program requirements for subrecipient monitoring by: A Ensuring that subrecipient monitoring policies and procedures are centralized, condensed, and available to all personnel who are responsible for performing subrecipient monitoring activities. The policies and procedures should clearly list responsibilities for each division within the Department and be inclusive of all monitoring activities performed and contain clear directives for acting on subrecipients? failure to comply with requirements, including providing its single audit report, by assessing possible impacts from the noncompliance and instituting appropriate alternative procedures. B Implementing a process for analyzing its contracted entities during the contracting and awarding process by reviewing the nature and terms of contracts, separately identifying the contracted entities as vendors or subrecipients, and recording the contract expenditures appropriately based on this assessment. RESPONSE DEPARTMENT OF TRANSPORTATION A AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include identifying a centralized location for all policies and procedures related to subrecipient monitoring. We will look at all policies and procedures to ensure they clearly identify responsibilities and requirements for non-compliance. B AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include establishing a process by which an analysis of contracted entities will be performed to identify and properly record entities as a vendor or subrecipient.
The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department of Transportation (Department) in the previous year and has not been remediated as of June 30, 2022 because the original implementation date provided by the Department was in a subsequent fiscal year. This complete finding and recommendation can be found within the original report and the complete recommendation can be found within Section IV: Prior Audit Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table Finding 2021-068 The following finding and recommendation relating to an internal control deficiency classified as a Significant Deficiency was communicated to the Department in the previous year and has not been remediated as of June 30, 2021, because the original implementation date provided by the Department is in a subsequent fiscal year. This complete finding and recommendation can be found in the original report and Section III: Prior Federal Recommendations of this report. See Schedule of Findings and Questioned Costs for chart/table. Finding 2020-075 FORMULA GRANTS FOR RURAL AREAS?INTERNAL CONTROLS AND COMPLIANCE WITH SUBRECIPIENT MONITORING The Department received funding from the Federal Transit Authority (FTA) for the Program during Fiscal Year 2020 and expended approximately $26.8 million under the Program; the expenditures included approximately $16.9 million from the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The objective of this Program is to initiate, improve, or continue public transportation services in rural areas. FTA provides financial and technical assistance to local public transit systems, including buses, subways, light rail, commuter rail, trolleys, and ferries. FTA also oversees safety measures and helps develop next-generation technology research. Approximately $26.0 million (97 percent) of the Program funds expended by the Department were passed through to subrecipients in order to carry out a portion of the Program. WHAT WAS THE PURPOSE OF OUR AUDIT WORK AND WHAT WORK WAS PERFORMED? The purpose of the audit work was to determine whether the Department had effective internal controls in place during Fiscal Year 2020 over the Program, and complied with the Program?s subrecipient monitoring activities. As part of our audit work, we reviewed the Department?s internal controls over compliance for the Program?s subrecipient monitoring. In addition, we tested a random sample of five of 45 Program subrecipients for Fiscal Year 2020 to determine whether the subrecipient monitoring procedures the Department performed during the year were compliant with federal requirements. HOW WERE THE RESULTS OF THE AUDIT WORK MEASURED? Our audit work was designed to measure the results of compliance with the following criteria: ? Federal regulations [2 CFR 200.332(b)] require that the Department evaluate each subrecipient?s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward and may include various factors. Federal regulations [2 CFR 200.332(d)-(f)] also require the Department to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. Monitoring must include: ? Reviewing financial and programmatic reports. ? Following up and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award. ? Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity, as required by 2 CFR 200.521. ? Federal regulation [2 CFR 200.303] states that the Department, as a federal grant recipient, must ?establish and maintain effective internal controls over the Federal awards that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulation, and the terms and conditions of the Federal award.? The Department?s internal control policies and procedures require the Internal Audit Division to obtain and review single audit certification forms, whereby subrecipients are required to certify whether they are subject to a Single Audit. Internal Audit Division staff are required to review each certification and related Single Audit report, as applicable, and perform follow-up activities related to deficiencies and audit findings. ? Additionally, the Department is required to report the total amount of federal awards expended to the Office of the State Controller (OSC) via the Exhibit K1, Schedule of Federal Assistance. The Exhibit K1 is the document through which state departments report federal expenditure information to the OSC, including separate columns to indicate types of expenditures, for statewide compilation and reporting. WHAT PROBLEMS DID THE AUDIT WORK IDENTIFY? We identified issues related to two of the five (40 percent) Program subrecipients identified by the Department for Fiscal Year 2020 as follows: ? The Department did not take sufficient steps to address one subrecipient?s failure to obtain a 2019 Single Audit. Specifically, the subrecipient received approximately $78,500 in pass-through Program funding from the Department and communicated to the Department in its single audit certification for the year ending December 31, 2019, that it was subject to a Single Audit; however, that audit had not been conducted as of the completion of our Fiscal Year 2020 audit testwork in April 2021. While it appeared that the Department communicated various times with the subrecipient about the missing audit, the Department did not assess possible impacts from the missing audit or take any action to institute alternate monitoring procedures of the subrecipient. ? For the second subrecipient tested, the Department inappropriately considered the entity to be a subrecipient rather than a vendor and incorrectly reported $20,936 in funds paid to the entity as subrecipient expenditures on its Exhibit K1 submitted to the OSC. WHY DID THESE PROBLEMS OCCUR? The Department?s subrecipient policies and procedures are voluminous and performed throughout multiple divisions within the Department. Therefore, the results of monitoring procedures performed are documented in various areas and not contained in one central location. The Department also does not have policies and procedures in place to identify appropriate actions to be taken when issues are identified. In addition, the Department lacks a process for analyzing the types of entities it is contracting with for the Program in order to separately identify the entities as vendors or subrecipients; rather, staff indicated that, during the contracting process, all contract expenditures related to this Program are recorded as subrecipient expenditures, including service-related or vendor contracts. WHY DO THESE PROBLEMS MATTER? Performing timely and appropriate identification and monitoring of subrecipients, including ensuring that they undergo required Single Audits, provides the Department with a method to identify federal grant-related issues and to ensure its compliance with federal subrecipient monitoring requirements. By taking appropriate actions to address the results of its monitoring, the Department can mitigate the risk of providing continuing funding to entities that may not be using funds in accordance with Program requirements. This is particularly important because the Department passes 97 percent of these Program funds to subrecipients. The Department?s failure to comply with federal requirements could result in a loss of funding from the federal government. See Schedule of Findings and Questioned Costs for chart/table RECOMMENDATION 2020-075 The Department of Transportation (Department) should ensure that it improves its internal controls over, and complies with, federal Formula Grants for Rural Areas and Tribal Transit Program requirements for subrecipient monitoring by: A Ensuring that subrecipient monitoring policies and procedures are centralized, condensed, and available to all personnel who are responsible for performing subrecipient monitoring activities. The policies and procedures should clearly list responsibilities for each division within the Department and be inclusive of all monitoring activities performed and contain clear directives for acting on subrecipients? failure to comply with requirements, including providing its single audit report, by assessing possible impacts from the noncompliance and instituting appropriate alternative procedures. B Implementing a process for analyzing its contracted entities during the contracting and awarding process by reviewing the nature and terms of contracts, separately identifying the contracted entities as vendors or subrecipients, and recording the contract expenditures appropriately based on this assessment. RESPONSE DEPARTMENT OF TRANSPORTATION A AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include identifying a centralized location for all policies and procedures related to subrecipient monitoring. We will look at all policies and procedures to ensure they clearly identify responsibilities and requirements for non-compliance. B AGREE. IMPLEMENTATION DATE: JULY 2022. CDOT will work with various divisions to devise a plan that will comply with this finding and the recommendations noted within. This plan shall include establishing a process by which an analysis of contracted entities will be performed to identify and properly record entities as a vendor or subrecipient.
Material Weakness in Internal Control over Subrecipient Monitoring and Material Noncompliance Research and Development Cluster Criteria: In accordance with 2 CFR 200.331, a pass-through entity must make a case-by-case determination whether each agreement it makes for the disbursement of federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Additionally, in accordance with 2 CFR 200.332(b), the pass-through entity must evaluate each subrecipient’s risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the appropriate subrecipient monitoring. In furtherance of this, the pass-through entity should inquire as to whether or not the subrecipient was subject to a Single Audit. If the subrecipient was subject to a Single Audit, the pass-through entity must request the Single Audit report and review for any findings or questioned costs. In accordance with 2 CFR 200.521, the pass-through entity should issue a management decision for audit findings pertaining to the federal award provided to the subrecipient from the pass-through entity as applicable. Condition: The Organization does not document its evaluation of each party that it engages in business with as to whether they are a contractor or a subrecipient. For three (3) of the three (3) such parties selected for testing, the Organization did not maintain documentation regarding whether the entity was a subrecipient or a contractor. Furthermore, as it relates to the monitoring of entities determined to be subrecipients, the Organization has not formally documented its subrecipient monitoring procedures to ensure that subrecipients are in compliance with federal statutes, regulations, and the terms and conditions of the subawards. For three (3) of the three (3) subrecipients selected for testing, the Organization did not inquire as to whether the entity was subject to a Single Audit. Consequently, the Organization did not request the Single Audit report nor did they review them for any findings pertinent to the federal award provided to the subrecipient from the pass-through entity. Cause: The Organization did not have an effective process in place to determine whether entities receiving pass-through funds are subrecipients or contractors. However, it was noted that the Organization implemented a process during the year to properly document whether a company is a contractor or a subrecipient. Furthermore, once that determination has been made, the Organization did not have a process in place for evaluating subrecipients and their compliance with the applicable requirements of the Uniform Guidance. Effect or potential effect: Lack of proper consideration of subrecipient or contractor status may result in the Organization improperly classifying a recipient of federal funds, which may impact the recipient’s compliance with the Uniform Guidance. Furthermore, by not performing adequate monitoring over subrecipients, the Organization is not appropriately monitoring whether subrecipients are in compliance with grant requirements. Questioned costs: None. Context: Our sample was not intended to be statistically valid. Recommendation: The Organization should have instituted a process whereby all entities that receive federal funds have proper documentation supporting their classification as a subrecipient or a contractor for the entire year. Additionally, the Organization should maintain a standardized checklist for all such entities that support their rationale for the classification. This checklist should be prepared by an employee with knowledge of the grant and approved by a second individual. Furthermore, as it relates to subrecipient monitoring, the Organization should institute an annual process whereby all subrecipients are asked whether they received a Single Audit. If the subrecipient was subject to a Single Audit, the Organization should receive and review the Single Audit report. The reviewer should submit a memorandum of any findings relevant to their federal grant, which should then be submitted to the project manager or other designated person for approval. Views of responsible officials and planned corrective actions: Management's response is reported in "Management's Views and Corrective Action Plan" included at the end of this report. Identification of prior year finding: 2021-006
Reference Number: 2022-011 Category of Finding: Subrecipient Monitoring Type of Finding: Material Weakness and Material Instance of Noncompliance State Administering Department: California Department of Public Health (Public Health) Assistance Listing Number: 93.323 Federal Program Title: Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) Federal Award Number and Year: NU50CK000539; 2021 Criteria Title 2 - Grants and Agreements. Subtitle A - Office of Management and Budget Guidance for Grants and Agreements. Chapter II - Office of Management and Budget Guidance. Part 200 - Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D - Post Federal Award Requirements. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 - Grants and Agreements. Subtitle A - Office of Management and Budget Guidance for Grants and Agreements. Chapter II - Office of Management and Budget Guidance. Part 200 - Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D - Post Federal Award Requirements. §200.332 Requirements for pass-through entities (2 CFR 200.332): All pass-through entities must: (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient’s prior experience with the same or similar subawards: (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving cross-cutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section §200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient’s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in §200.501. (g) Consider whether the results of the subrecipient’s audits, on-site reviews, or other monitoring indicate conditions that necessitate adjustments to the pass-through entity’s own records. Condition Public Health did not establish a formal risk assessment process over its subrecipients of federal awards to determine the frequency and extent of subrecipient monitoring to be performed. While Public Health received reimbursement invoices from subrecipients, there did not appear to be other financial or programmatic monitoring to verify subrecipents compliance with applicable requirements. In addition, Public Health did not obtain Single Audit reports from those subrecipients as required. Identification as a Repeat Finding Finding 2021-014 was reported in the immediate prior year. Cause Procedures to perform the required subrecipient monitoring were not established nor performed by Public Health. Effect By not properly evaluating the risk of noncompliance, Public Health may inadvertently award grant funds to subrecipients who lack the necessary mechanisms or understanding to adhere to federal statutes. This increases the likelihood of noncompliance arising during the performance of the grant-funded activities. Furthermore, failure to perform monitoring procedures or obtain Single Audit reports increases the risk for not properly identifying subrecipient program control weaknesses, noncompliance, and performing sufficient follow-up on any subrecipient corrective action. Questioned Costs No questioned costs were identified. Context Disbursements to subrecipients for the ELC program totaled $301,107,041, or 31.0% of total reported program expenditures. Recommendation Public Health should establish and document formal procedures for conducting risk assessments of its subrecipients, including criteria for evaluating organizational capacity, financial stability, compliance history, and programmatic capabilities. Public Health should also develop and implement specific subrecipient monitoring procedures and establish a process for obtaining Single Audit reports from its subrecipients. Furthermore, a monitoring mechanism should be implemented to track compliance with the single audit mandate among subrecipients, including regular follow-ups and documentation of communication efforts. Views of Responsible Officials and Corrective Action Plan Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Federal Awarding Agency: USTreasuryImpact: Significant Deficiency, NoncomplianceAL Number and Title: 21.019 Coronavirus Relief Fund (CRF) ? COVID-19Federal Award Number: SLT0031, SLT0073Applicable Compliance Requirement: Subrecipient MonitoringCondition:DCCED staff did not issue timely management decisions for three of the four CRF single audit findings requiring follow-up during FY 22.Context:Federal regulations require pass-through entities to issue a management decision for audit findings relating to federal awards provided to subrecipients. The management decision must clearly state whether or not the audit finding is sustained, the reasons for the decision, and the adequacy of the subrecipient?s proposed corrective actions to address the findings.Of the three untimely management decisions, two were issued past the six month requirement and one has not been issued as of the end of FY 22. For the two management decisions issued past the six month requirement, one was two months and the other was 11 months past the requirement as of the end of FY 22.Cause:Due to staff oversight, DCCED?s single audit procedures did not require management decisions to be issued within the six month requirement. Further, the procedures did not require a supervisory review.Criteria:Title 2 CFR 200.332(d)(3) states that pass-through entities? monitoring of subrecipients must include issuing a management decision for audit findings that relate to federal awards provided to subrecipients.Title 2 CFR 200.521(d) states a management decision must be issued within six months of acceptance of the audit report by the federal audit clearinghouse.Effect:The lack of timely management decisions may result in subrecipients not taking appropriate corrective action. Noncompliance with federal regulations may result in the federal awarding agency imposing additional conditions or taking corrective action, including additional reporting requirements.Questioned Costs:NoneRecommendation:DCCED?s DAS director should revise single audit procedures to ensure management decisions are issued within six months. Further, procedures should include adequate supervisory review.Views of Responsible Officials:Management agrees with the finding.
FINDING 2022-206The Department did not complete required subrecipient monitoring of the Elementary and Secondary School Emergency Relief (ESSER) Fund of the Education Stabilization Fund.Type of Finding: Material Noncompliance, Material WeaknessAssistance Listing Title: Elementary and Secondary School Emergency Relief Fund; Emergency Assistance for Non-Public Schools; ARPA ESSER III; ARPA ESSER - Homeless Children and YouthAssistance Listing Number: 84.425D; 84.425R; 84.425U; 84.425WFederal Award Number: S425D210043; S425D200043; S425R210024; S425U210043; S425W210013Program Year: January 5, 2021 ? September 30, 2023; May 18, 2020 ? September 30, 2022; February 11, 2021 ? September 30, 2023; March 24, 2021 ? September 30, 2024; April 23, 2021 ? September 30, 2024Federal Agency: Department of EducationCompliance Requirement: Subrecipient MonitoringQuestioned Costs: NoneCriteria: The U.S. Code of Federal Regulations (CFR) 2 CFR Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, superseding the Office of Management and Budget (OMB) Circular A-102, Grants and Cooperative Agreements with State and Local Governments, describes the pass-through entity?s responsibility for administering necessary requirements on subrecipients so that the federal award is used in accordance with federal regulations.Specifically, 2 CFR 200.332(d) and 2 CFR 25.200 identify the requirements for the Department as the pass- through entity in providing subawards. This includes communication of certain information, such as the subrecipient?s unique entity identifier and required registration in the System for Award Management (SAM). In addition, the Department must evaluate each subrecipient?s risk of noncompliance with federal statutes and the terms and conditions of the subaward when determining the extent of subrecipient monitoring to be completed to ensure that the subaward is used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that the subaward performance goals are achieved. In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, monitoring must include a review of financial and performance reports required by the pass-through entity, follow up on any deficiencies identified in the subrecipient that are detected through audits, on-site reviews and other means, and issuing a management decision for audit findings, as required by 2 CFR 200.521.Finally, 2 CFR 200.303 requires the Department to establish and maintain effective internal control over the federal award that provides reasonable assurance that the Department is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award.Condition: The Department initially received ESSER funding in fiscal year 2021 and integrated ESSER monitoring with the general subrecipient monitoring used for other federal programs. The Department?s 2020- 2021 Monitoring Tool included only one indicator related to the ESSER program and did not adequately address all subrecipient monitoring requirements. However, in fiscal year 2021, the Department determined that the existing monitoring procedures were not robust enough for the additional requirements associated with ESSER subrecipient monitoring and discontinued those procedures without implementing any alternative procedures during fiscal year 2022.This was a finding included in the Single Audit Report for the year ended June 30, 2021, and the Department provided a corrective action plan to monitor subrecipients. However, the Department did not implement the plan until after the audit period, in fiscal year 2023.Cause: The Department realized the current procedures were not sufficient to meet the monitoring requirements of ESSER and indicated a monitoring process specific to the ESSER program compliance requirements was being developed; however, it was not developed in a timely manner to comply with federal requirements.Effect: The Department is not in compliance with subrecipient monitoring requirements. Without adequate monitoring of subrecipients, the Department is exposed to an increased risk of making improper payments for unallowable or unsupported costs.Recommendation: We recommend that the Department implement procedures to ensure compliance with all requirements as a pass-through entity. We also recommend that the Department design and implement effective control procedures to ensure subrecipient monitoring activities are complete and appropriate.Management?s View: The Department agrees with this finding.Corrective Action: It was not until the end of the 2022 legislative session that spending authority was given to the State Department of Education to use ARP ESSER administrative funds to hire additional staff to meet the robust requirements identified by the U.S. Department of Education. Up to that point, only one full-time person was handling all of the needs associated with ESSER funds. Since then, two positions have been hired. The ESSER Data and Reporting Coordinator began in April 2022, and the ESSER Monitoring Coordinator began in June 2022. While developing the monitoring procedures began in July 2022, it was after the audit timeframe. The Department now has in place all ESSER monitoring policies and procedures and will complete year one monitoring before May 5, 2023.Auditor?s Concluding Remarks: We thank the Department for its cooperation and assistance throughout the audit.
FINDING 2022-206The Department did not complete required subrecipient monitoring of the Elementary and Secondary School Emergency Relief (ESSER) Fund of the Education Stabilization Fund.Type of Finding: Material Noncompliance, Material WeaknessAssistance Listing Title: Elementary and Secondary School Emergency Relief Fund; Emergency Assistance for Non-Public Schools; ARPA ESSER III; ARPA ESSER - Homeless Children and YouthAssistance Listing Number: 84.425D; 84.425R; 84.425U; 84.425WFederal Award Number: S425D210043; S425D200043; S425R210024; S425U210043; S425W210013Program Year: January 5, 2021 ? September 30, 2023; May 18, 2020 ? September 30, 2022; February 11, 2021 ? September 30, 2023; March 24, 2021 ? September 30, 2024; April 23, 2021 ? September 30, 2024Federal Agency: Department of EducationCompliance Requirement: Subrecipient MonitoringQuestioned Costs: NoneCriteria: The U.S. Code of Federal Regulations (CFR) 2 CFR Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, superseding the Office of Management and Budget (OMB) Circular A-102, Grants and Cooperative Agreements with State and Local Governments, describes the pass-through entity?s responsibility for administering necessary requirements on subrecipients so that the federal award is used in accordance with federal regulations.Specifically, 2 CFR 200.332(d) and 2 CFR 25.200 identify the requirements for the Department as the pass- through entity in providing subawards. This includes communication of certain information, such as the subrecipient?s unique entity identifier and required registration in the System for Award Management (SAM). In addition, the Department must evaluate each subrecipient?s risk of noncompliance with federal statutes and the terms and conditions of the subaward when determining the extent of subrecipient monitoring to be completed to ensure that the subaward is used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that the subaward performance goals are achieved. In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, monitoring must include a review of financial and performance reports required by the pass-through entity, follow up on any deficiencies identified in the subrecipient that are detected through audits, on-site reviews and other means, and issuing a management decision for audit findings, as required by 2 CFR 200.521.Finally, 2 CFR 200.303 requires the Department to establish and maintain effective internal control over the federal award that provides reasonable assurance that the Department is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award.Condition: The Department initially received ESSER funding in fiscal year 2021 and integrated ESSER monitoring with the general subrecipient monitoring used for other federal programs. The Department?s 2020- 2021 Monitoring Tool included only one indicator related to the ESSER program and did not adequately address all subrecipient monitoring requirements. However, in fiscal year 2021, the Department determined that the existing monitoring procedures were not robust enough for the additional requirements associated with ESSER subrecipient monitoring and discontinued those procedures without implementing any alternative procedures during fiscal year 2022.This was a finding included in the Single Audit Report for the year ended June 30, 2021, and the Department provided a corrective action plan to monitor subrecipients. However, the Department did not implement the plan until after the audit period, in fiscal year 2023.Cause: The Department realized the current procedures were not sufficient to meet the monitoring requirements of ESSER and indicated a monitoring process specific to the ESSER program compliance requirements was being developed; however, it was not developed in a timely manner to comply with federal requirements.Effect: The Department is not in compliance with subrecipient monitoring requirements. Without adequate monitoring of subrecipients, the Department is exposed to an increased risk of making improper payments for unallowable or unsupported costs.Recommendation: We recommend that the Department implement procedures to ensure compliance with all requirements as a pass-through entity. We also recommend that the Department design and implement effective control procedures to ensure subrecipient monitoring activities are complete and appropriate.Management?s View: The Department agrees with this finding.Corrective Action: It was not until the end of the 2022 legislative session that spending authority was given to the State Department of Education to use ARP ESSER administrative funds to hire additional staff to meet the robust requirements identified by the U.S. Department of Education. Up to that point, only one full-time person was handling all of the needs associated with ESSER funds. Since then, two positions have been hired. The ESSER Data and Reporting Coordinator began in April 2022, and the ESSER Monitoring Coordinator began in June 2022. While developing the monitoring procedures began in July 2022, it was after the audit timeframe. The Department now has in place all ESSER monitoring policies and procedures and will complete year one monitoring before May 5, 2023.Auditor?s Concluding Remarks: We thank the Department for its cooperation and assistance throughout the audit.
FINDING 2022-206The Department did not complete required subrecipient monitoring of the Elementary and Secondary School Emergency Relief (ESSER) Fund of the Education Stabilization Fund.Type of Finding: Material Noncompliance, Material WeaknessAssistance Listing Title: Elementary and Secondary School Emergency Relief Fund; Emergency Assistance for Non-Public Schools; ARPA ESSER III; ARPA ESSER - Homeless Children and YouthAssistance Listing Number: 84.425D; 84.425R; 84.425U; 84.425WFederal Award Number: S425D210043; S425D200043; S425R210024; S425U210043; S425W210013Program Year: January 5, 2021 ? September 30, 2023; May 18, 2020 ? September 30, 2022; February 11, 2021 ? September 30, 2023; March 24, 2021 ? September 30, 2024; April 23, 2021 ? September 30, 2024Federal Agency: Department of EducationCompliance Requirement: Subrecipient MonitoringQuestioned Costs: NoneCriteria: The U.S. Code of Federal Regulations (CFR) 2 CFR Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, superseding the Office of Management and Budget (OMB) Circular A-102, Grants and Cooperative Agreements with State and Local Governments, describes the pass-through entity?s responsibility for administering necessary requirements on subrecipients so that the federal award is used in accordance with federal regulations.Specifically, 2 CFR 200.332(d) and 2 CFR 25.200 identify the requirements for the Department as the pass- through entity in providing subawards. This includes communication of certain information, such as the subrecipient?s unique entity identifier and required registration in the System for Award Management (SAM). In addition, the Department must evaluate each subrecipient?s risk of noncompliance with federal statutes and the terms and conditions of the subaward when determining the extent of subrecipient monitoring to be completed to ensure that the subaward is used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that the subaward performance goals are achieved. In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, monitoring must include a review of financial and performance reports required by the pass-through entity, follow up on any deficiencies identified in the subrecipient that are detected through audits, on-site reviews and other means, and issuing a management decision for audit findings, as required by 2 CFR 200.521.Finally, 2 CFR 200.303 requires the Department to establish and maintain effective internal control over the federal award that provides reasonable assurance that the Department is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award.Condition: The Department initially received ESSER funding in fiscal year 2021 and integrated ESSER monitoring with the general subrecipient monitoring used for other federal programs. The Department?s 2020- 2021 Monitoring Tool included only one indicator related to the ESSER program and did not adequately address all subrecipient monitoring requirements. However, in fiscal year 2021, the Department determined that the existing monitoring procedures were not robust enough for the additional requirements associated with ESSER subrecipient monitoring and discontinued those procedures without implementing any alternative procedures during fiscal year 2022.This was a finding included in the Single Audit Report for the year ended June 30, 2021, and the Department provided a corrective action plan to monitor subrecipients. However, the Department did not implement the plan until after the audit period, in fiscal year 2023.Cause: The Department realized the current procedures were not sufficient to meet the monitoring requirements of ESSER and indicated a monitoring process specific to the ESSER program compliance requirements was being developed; however, it was not developed in a timely manner to comply with federal requirements.Effect: The Department is not in compliance with subrecipient monitoring requirements. Without adequate monitoring of subrecipients, the Department is exposed to an increased risk of making improper payments for unallowable or unsupported costs.Recommendation: We recommend that the Department implement procedures to ensure compliance with all requirements as a pass-through entity. We also recommend that the Department design and implement effective control procedures to ensure subrecipient monitoring activities are complete and appropriate.Management?s View: The Department agrees with this finding.Corrective Action: It was not until the end of the 2022 legislative session that spending authority was given to the State Department of Education to use ARP ESSER administrative funds to hire additional staff to meet the robust requirements identified by the U.S. Department of Education. Up to that point, only one full-time person was handling all of the needs associated with ESSER funds. Since then, two positions have been hired. The ESSER Data and Reporting Coordinator began in April 2022, and the ESSER Monitoring Coordinator began in June 2022. While developing the monitoring procedures began in July 2022, it was after the audit timeframe. The Department now has in place all ESSER monitoring policies and procedures and will complete year one monitoring before May 5, 2023.Auditor?s Concluding Remarks: We thank the Department for its cooperation and assistance throughout the audit.
FINDING 2022-206The Department did not complete required subrecipient monitoring of the Elementary and Secondary School Emergency Relief (ESSER) Fund of the Education Stabilization Fund.Type of Finding: Material Noncompliance, Material WeaknessAssistance Listing Title: Elementary and Secondary School Emergency Relief Fund; Emergency Assistance for Non-Public Schools; ARPA ESSER III; ARPA ESSER - Homeless Children and YouthAssistance Listing Number: 84.425D; 84.425R; 84.425U; 84.425WFederal Award Number: S425D210043; S425D200043; S425R210024; S425U210043; S425W210013Program Year: January 5, 2021 ? September 30, 2023; May 18, 2020 ? September 30, 2022; February 11, 2021 ? September 30, 2023; March 24, 2021 ? September 30, 2024; April 23, 2021 ? September 30, 2024Federal Agency: Department of EducationCompliance Requirement: Subrecipient MonitoringQuestioned Costs: NoneCriteria: The U.S. Code of Federal Regulations (CFR) 2 CFR Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, superseding the Office of Management and Budget (OMB) Circular A-102, Grants and Cooperative Agreements with State and Local Governments, describes the pass-through entity?s responsibility for administering necessary requirements on subrecipients so that the federal award is used in accordance with federal regulations.Specifically, 2 CFR 200.332(d) and 2 CFR 25.200 identify the requirements for the Department as the pass- through entity in providing subawards. This includes communication of certain information, such as the subrecipient?s unique entity identifier and required registration in the System for Award Management (SAM). In addition, the Department must evaluate each subrecipient?s risk of noncompliance with federal statutes and the terms and conditions of the subaward when determining the extent of subrecipient monitoring to be completed to ensure that the subaward is used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that the subaward performance goals are achieved. In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, monitoring must include a review of financial and performance reports required by the pass-through entity, follow up on any deficiencies identified in the subrecipient that are detected through audits, on-site reviews and other means, and issuing a management decision for audit findings, as required by 2 CFR 200.521.Finally, 2 CFR 200.303 requires the Department to establish and maintain effective internal control over the federal award that provides reasonable assurance that the Department is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award.Condition: The Department initially received ESSER funding in fiscal year 2021 and integrated ESSER monitoring with the general subrecipient monitoring used for other federal programs. The Department?s 2020- 2021 Monitoring Tool included only one indicator related to the ESSER program and did not adequately address all subrecipient monitoring requirements. However, in fiscal year 2021, the Department determined that the existing monitoring procedures were not robust enough for the additional requirements associated with ESSER subrecipient monitoring and discontinued those procedures without implementing any alternative procedures during fiscal year 2022.This was a finding included in the Single Audit Report for the year ended June 30, 2021, and the Department provided a corrective action plan to monitor subrecipients. However, the Department did not implement the plan until after the audit period, in fiscal year 2023.Cause: The Department realized the current procedures were not sufficient to meet the monitoring requirements of ESSER and indicated a monitoring process specific to the ESSER program compliance requirements was being developed; however, it was not developed in a timely manner to comply with federal requirements.Effect: The Department is not in compliance with subrecipient monitoring requirements. Without adequate monitoring of subrecipients, the Department is exposed to an increased risk of making improper payments for unallowable or unsupported costs.Recommendation: We recommend that the Department implement procedures to ensure compliance with all requirements as a pass-through entity. We also recommend that the Department design and implement effective control procedures to ensure subrecipient monitoring activities are complete and appropriate.Management?s View: The Department agrees with this finding.Corrective Action: It was not until the end of the 2022 legislative session that spending authority was given to the State Department of Education to use ARP ESSER administrative funds to hire additional staff to meet the robust requirements identified by the U.S. Department of Education. Up to that point, only one full-time person was handling all of the needs associated with ESSER funds. Since then, two positions have been hired. The ESSER Data and Reporting Coordinator began in April 2022, and the ESSER Monitoring Coordinator began in June 2022. While developing the monitoring procedures began in July 2022, it was after the audit timeframe. The Department now has in place all ESSER monitoring policies and procedures and will complete year one monitoring before May 5, 2023.Auditor?s Concluding Remarks: We thank the Department for its cooperation and assistance throughout the audit.
2022-007 - Noncompliance with Subrecipient Monitoring RequirementsAward Years: 2018, 2020 - 2022Award Numbers: DUE-2044358, NA18OAR4170098, OIA-2019511, OIA-2119688Compliance Requirement: Subrecipient MonitoringRepeat Finding: Yes (Prior Year Finding No. 2021-010)See Schedule of Findings and Questioned Costs for chart/tableCondition:For the second consecutive year, UL Lafayette did not adequately monitor subrecipients of the R&D Cluster programs. In a non-statistical sample of five subawards out of a population of 49 subawards, it was noted that for four (80%) of the subrecipients evaluated UL Lafayette was unable to provide documentation that ensured each subrecipient obtained the required audit or that the audit was reviewed so that timely and appropriate action could be taken for any findings pertaining to the federal awards. Additionally, for all five (100%) of the subrecipients evaluated, UL Lafayette could not provide evidence that the required risk analyses were performed to evaluate each subrecipients? risk of noncompliance with federal regulations and the terms of the subaward.Criteria:2 CFR 200.332(b) requires pass-through entities to evaluate each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring.Per 2 CFR 200.332(f), pass-through entities are responsible for verifying that every subrecipient is audited as required by 2 CFR Part 200, subpart F when it is expected that the subrecipient's federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in CFR 200.501 of $750,000 or more in federal awards during the subrecipient?s fiscal year.2 CFR 200.332(d)(2) requires that pass-through entities follow-up and ensure that the subrecipient takes timely and appropriate action on all deficiencies provided to the subrecipient from the pass-through entities detected through audits, on-site reviews, and written confirmation from the subrecipient.2 CFR 200.332(d)(2) and (3) require pass-through entities to issue a management decision on applicable audit findings in accordance with 2 CFR 200.521, within six months after acceptance of the subrecipient?s audit report by the Federal Audit Clearinghouse, and ensure that the subrecipient takes timely and appropriate corrective action on all findings.Cause:UL Lafayette management indicated that it was working on internal procedures to adequately monitor subrecipients as result of the prior-year finding. However, management has yet to finalize and apply these procedures on all active subrecipients.Effect:Failure to properly monitor subrecipients results in noncompliance with federal regulations and increases the likelihood of improper payments which may have to be returned to the federal awarding agency.Recommendation:UL Lafayette should strengthen controls to ensure the timely review of all required subrecipient audit reports in order to evaluate the impact of any findings noted in the audits and issue management decision letters, if applicable. In addition, UL Lafayette should strengthen controls to ensure risk assessments are performed and documented on all subrecipients in accordance with federal regulations.Management?s Response and Corrective Action Plan:Management did not concur with the finding, noting it did not have sufficient time in fiscal year 2022 for corrective action and provided its progress on addressing the finding (B-83).
2022-007 - Noncompliance with Subrecipient Monitoring RequirementsAward Years: 2018, 2020 - 2022Award Numbers: DUE-2044358, NA18OAR4170098, OIA-2019511, OIA-2119688Compliance Requirement: Subrecipient MonitoringRepeat Finding: Yes (Prior Year Finding No. 2021-010)See Schedule of Findings and Questioned Costs for chart/tableCondition:For the second consecutive year, UL Lafayette did not adequately monitor subrecipients of the R&D Cluster programs. In a non-statistical sample of five subawards out of a population of 49 subawards, it was noted that for four (80%) of the subrecipients evaluated UL Lafayette was unable to provide documentation that ensured each subrecipient obtained the required audit or that the audit was reviewed so that timely and appropriate action could be taken for any findings pertaining to the federal awards. Additionally, for all five (100%) of the subrecipients evaluated, UL Lafayette could not provide evidence that the required risk analyses were performed to evaluate each subrecipients? risk of noncompliance with federal regulations and the terms of the subaward.Criteria:2 CFR 200.332(b) requires pass-through entities to evaluate each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring.Per 2 CFR 200.332(f), pass-through entities are responsible for verifying that every subrecipient is audited as required by 2 CFR Part 200, subpart F when it is expected that the subrecipient's federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in CFR 200.501 of $750,000 or more in federal awards during the subrecipient?s fiscal year.2 CFR 200.332(d)(2) requires that pass-through entities follow-up and ensure that the subrecipient takes timely and appropriate action on all deficiencies provided to the subrecipient from the pass-through entities detected through audits, on-site reviews, and written confirmation from the subrecipient.2 CFR 200.332(d)(2) and (3) require pass-through entities to issue a management decision on applicable audit findings in accordance with 2 CFR 200.521, within six months after acceptance of the subrecipient?s audit report by the Federal Audit Clearinghouse, and ensure that the subrecipient takes timely and appropriate corrective action on all findings.Cause:UL Lafayette management indicated that it was working on internal procedures to adequately monitor subrecipients as result of the prior-year finding. However, management has yet to finalize and apply these procedures on all active subrecipients.Effect:Failure to properly monitor subrecipients results in noncompliance with federal regulations and increases the likelihood of improper payments which may have to be returned to the federal awarding agency.Recommendation:UL Lafayette should strengthen controls to ensure the timely review of all required subrecipient audit reports in order to evaluate the impact of any findings noted in the audits and issue management decision letters, if applicable. In addition, UL Lafayette should strengthen controls to ensure risk assessments are performed and documented on all subrecipients in accordance with federal regulations.Management?s Response and Corrective Action Plan:Management did not concur with the finding, noting it did not have sufficient time in fiscal year 2022 for corrective action and provided its progress on addressing the finding (B-83).
2022-007 - Noncompliance with Subrecipient Monitoring RequirementsAward Years: 2018, 2020 - 2022Award Numbers: DUE-2044358, NA18OAR4170098, OIA-2019511, OIA-2119688Compliance Requirement: Subrecipient MonitoringRepeat Finding: Yes (Prior Year Finding No. 2021-010)See Schedule of Findings and Questioned Costs for chart/tableCondition:For the second consecutive year, UL Lafayette did not adequately monitor subrecipients of the R&D Cluster programs. In a non-statistical sample of five subawards out of a population of 49 subawards, it was noted that for four (80%) of the subrecipients evaluated UL Lafayette was unable to provide documentation that ensured each subrecipient obtained the required audit or that the audit was reviewed so that timely and appropriate action could be taken for any findings pertaining to the federal awards. Additionally, for all five (100%) of the subrecipients evaluated, UL Lafayette could not provide evidence that the required risk analyses were performed to evaluate each subrecipients? risk of noncompliance with federal regulations and the terms of the subaward.Criteria:2 CFR 200.332(b) requires pass-through entities to evaluate each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring.Per 2 CFR 200.332(f), pass-through entities are responsible for verifying that every subrecipient is audited as required by 2 CFR Part 200, subpart F when it is expected that the subrecipient's federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in CFR 200.501 of $750,000 or more in federal awards during the subrecipient?s fiscal year.2 CFR 200.332(d)(2) requires that pass-through entities follow-up and ensure that the subrecipient takes timely and appropriate action on all deficiencies provided to the subrecipient from the pass-through entities detected through audits, on-site reviews, and written confirmation from the subrecipient.2 CFR 200.332(d)(2) and (3) require pass-through entities to issue a management decision on applicable audit findings in accordance with 2 CFR 200.521, within six months after acceptance of the subrecipient?s audit report by the Federal Audit Clearinghouse, and ensure that the subrecipient takes timely and appropriate corrective action on all findings.Cause:UL Lafayette management indicated that it was working on internal procedures to adequately monitor subrecipients as result of the prior-year finding. However, management has yet to finalize and apply these procedures on all active subrecipients.Effect:Failure to properly monitor subrecipients results in noncompliance with federal regulations and increases the likelihood of improper payments which may have to be returned to the federal awarding agency.Recommendation:UL Lafayette should strengthen controls to ensure the timely review of all required subrecipient audit reports in order to evaluate the impact of any findings noted in the audits and issue management decision letters, if applicable. In addition, UL Lafayette should strengthen controls to ensure risk assessments are performed and documented on all subrecipients in accordance with federal regulations.Management?s Response and Corrective Action Plan:Management did not concur with the finding, noting it did not have sufficient time in fiscal year 2022 for corrective action and provided its progress on addressing the finding (B-83).
Reference Number:2022-010Prior Year Finding:NoFederal Agency:U.S. Department of the TreasuryState Agency:Department of Community AffairsFederal Program:COVID-19 - Homeowner Assistance FundAssistance Listing Number:21.026Award Number and Year:HAF0019 (2021)Compliance Requirement:Subrecipient MonitoringType of FindingSignificant Deficiency in Internal Control over Compliance, Other MattersCriteria or specific requirement:Compliance ? Per 2 CFR section 200.332(a), all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward.Required information includes:i. Subrecipient name (which must match the name associated with its unique entity identifier);ii. Subrecipient's unique entity identifier;iii. Federal Award Identification Number (FAIN);iv. Federal Award Date (see the definition of Federal award date in ? 200.1 of this part) of award to the recipient by the Federal agency;v. Subaward Period of Performance Start and End Date;vi. Subaward Budget Period Start and End Date;vii. Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient;viii. Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation;ix. Total Amount of the Federal Award committed to the subrecipient by the pass-through entity;x. Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA);xi. Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity;xii. Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement;xiii. Identification of whether the award is R&D; andxiv. Indirect cost rate for the Federal award (including if the de minimis rate is charged) per section 200.414.2 CFR section 200.332 also states that pass-through entities must:(d) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as:1) The subrecipient's prior experience with the same or similar subawards;2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F - Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program;3) Whether the subrecipient has new personnel or new or substantially changed systems;4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).(e) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include:(1) Reviewing financial and performance reports required by the pass-through entity.(2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.(3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521 Management decision.(f) Verify that every subrecipient is audited as required by Subpart F - Audit Requirements of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in ? 200.501 Audit requirements.Control ? Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in ?Standards for Internal Control in the Federal Government? issued by the Comptroller General of the United States or the ?Internal Control Integrated Framework?, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).Condition:The Department of Community Affairs (Department) did not comply with subrecipient monitoring requirements for the program.Context:The Department issued one subaward under the program and it was noted that the subaward did not include all required Federal Award information, nor did the Department perform a risk assessment of the subrecipient or perform monitoring activities for the award.Questioned costs:None noted.Cause:The Department?s procedures and controls were not effective to ensure the subaward was issued in compliance with Federal requirements, nor that it performed a risk assessment or timely monitoring of subrecipient.Effect:Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance.Not conducting during the award monitoring may result in a failure of the Division to detect that its subrecipients used subawards for unauthorized purposes, managed them in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved.Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Division personnel on a timely basis.Recommendation:The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards, that proper subrecipient monitoring is conducted, and that evaluation of independent audits is performed.Views of responsible officials:As recommended, the Department of Community Affairs (DCA) will review current procedures to ensure that all subaward information required by the federal Uniform Guidance is included in all subaward contracts and grant agreements. The DCA has also reviewed its current subrecipient monitoring procedures for standard subawards made by the agency and has determined that no internal control enhancements are required. The HAF award was a unique grant relationship for DCA in that the entire award was passed through to another New Jersey State government agency that is a direct affiliate of the Department. Monitoring procedures were determined based on the close working relationship with our affiliate organization and the fact that less than 1 percent of the grant award was expended through June 30, 2022. Current procedures included a risk assessment of the subrecipient and performance of the single audit desk review of the independent audit report. In addition, the Director of Audit, and the Executive Director of the subgrantee affiliate participate in weekly meetings where updates on the program status can be determined. DCA?s subrecipient monitoring plan also includes the hiring of an Integrity Monitor to oversee and monitor the use of the HAF funds as well as compliance with all HAF program reporting requirements. As program disbursement activity is continuing to increase with the HAF program(s) created more fully up and running, DCA is currently targeting the Integrity Monitor hire to take place sometime within the next three to six months.
Assistance Listings number and name: 12.401 National Guard Military Operations and Maintenance (O&M) Projects Award numbers and years: W912L2-21-2-1000, October 1, 2020 through September 30, 2021; W912L2-22-2-1000, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Defense Compliance requirements: Activities allowed or unallowed and allowable costs/cost principles Questioned costs: $125,288 Condition—Contrary to federal regulations and its policies, the Department of Emergency Military Affairs (Department) did not always retain documentation supporting the payroll costs it charged to the program. Specifically, the Department had not retained the personnel action forms supporting and approving employees’ pay rates and authorizing them to work on the program for 4 of 21 employees we tested, as follows: • $123,968 for 3 employees’ annual payroll costs and employee-related expenses for which each employee’s salaries and wages and authorization to work on the program were not supported by documented personnel action forms. • $1,320 for 1 employee whose previous personnel action form authorized their working on the program but whose most recent pay rate increase was not supported by a documented personnel action form. Effect—The Department’s failure to retain documentation supporting payroll costs could potentially result in the Department being required to return monies spent on unallowable costs to the federal agency or adjust its program’s costs so that monies are spent for allowable costs.1 During fiscal year 2022, the Department paid 323 employees $15,486,984 of salaries and wages, including employee-related expenses, that were charged to the program. There is a risk that the Department could have potentially charged additional payroll costs to the program without maintaining the required supporting documentation. Finally, the Department is at risk that this finding applies to other federal programs it administers. Cause—The Department’s Administrative Services Office (Office) was not adequately trained to follow the documentation and record retention policy. Specifically, the Office reported that it did not retain the personnel action records as they were unaware that all employee personnel records were required to be retained for 5 years after an employee’s termination. Instead, the Office interpreted the policy to only require these documents to be retained for 5 years after the documents were originally created. Criteria—The Department’s record retention policies require its Administrative Services Office to retain for 5 years after an employee’s termination all the employee’s employment records, including personnel action forms authorizing employee pay rate changes and program assignments.2 Federal regulation requires the Department to retain all records related to a federal program for a period of 3 years from the date the program’s final report was submitted to the federal awarding agency or pass-through grantor (2 CFR §200.334). Also, federal regulation requires the Department to maintain records for salaries and wages charged to federal awards that accurately reflect the work performed and are supported by policies and internal controls to ensure they are accurate, allowable, and properly allocated (2 CFR §200.430[i][1][i]). Further, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Ensure documentation is retained for all personnel actions to demonstrate employees’ salaries and wages, including employee-related expenses, are authorized to be charged to the program. 2. Review all employee personnel files for employees currently paid under the program to ensure the required documentation has been retained. If the documentation has not been retained, program management should review the employees’ activities to ensure they are allowable under the program and prepare and retain the required documentation. Further, if employee activities are determined to be unallowable, coordinate with the U.S. Department of Defense to adjust future federal reimbursement requests or repay any unallowable costs the Department charged to the program. 3. Train its Administrative Services Office and Department employees who are responsible for administering federal programs on the documentation and record retention requirements for payroll costs charged to federal programs. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 Arizona Department of Emergency Military Affairs (DEMA), State Human Resources Administration. (2007, October). DEMA Directive 20.1, section 1.3. Retrieved 9/13/2023 from https://dema.az.gov/sites/default/files/2023-08/20.1_State_Human_Resources_Administration_20071001.pdf.
Assistance Listings number and name: 12.401 National Guard Military Operations and Maintenance (O&M) Projects Award numbers and years: W912L2-21-2-1000, October 1, 2020 through September 30, 2021; W912L2-22-2-1000, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Defense Compliance requirements: Activities allowed or unallowed and allowable costs/cost principles Questioned costs: $125,288 Condition—Contrary to federal regulations and its policies, the Department of Emergency Military Affairs (Department) did not always retain documentation supporting the payroll costs it charged to the program. Specifically, the Department had not retained the personnel action forms supporting and approving employees’ pay rates and authorizing them to work on the program for 4 of 21 employees we tested, as follows: • $123,968 for 3 employees’ annual payroll costs and employee-related expenses for which each employee’s salaries and wages and authorization to work on the program were not supported by documented personnel action forms. • $1,320 for 1 employee whose previous personnel action form authorized their working on the program but whose most recent pay rate increase was not supported by a documented personnel action form. Effect—The Department’s failure to retain documentation supporting payroll costs could potentially result in the Department being required to return monies spent on unallowable costs to the federal agency or adjust its program’s costs so that monies are spent for allowable costs.1 During fiscal year 2022, the Department paid 323 employees $15,486,984 of salaries and wages, including employee-related expenses, that were charged to the program. There is a risk that the Department could have potentially charged additional payroll costs to the program without maintaining the required supporting documentation. Finally, the Department is at risk that this finding applies to other federal programs it administers. Cause—The Department’s Administrative Services Office (Office) was not adequately trained to follow the documentation and record retention policy. Specifically, the Office reported that it did not retain the personnel action records as they were unaware that all employee personnel records were required to be retained for 5 years after an employee’s termination. Instead, the Office interpreted the policy to only require these documents to be retained for 5 years after the documents were originally created. Criteria—The Department’s record retention policies require its Administrative Services Office to retain for 5 years after an employee’s termination all the employee’s employment records, including personnel action forms authorizing employee pay rate changes and program assignments.2 Federal regulation requires the Department to retain all records related to a federal program for a period of 3 years from the date the program’s final report was submitted to the federal awarding agency or pass-through grantor (2 CFR §200.334). Also, federal regulation requires the Department to maintain records for salaries and wages charged to federal awards that accurately reflect the work performed and are supported by policies and internal controls to ensure they are accurate, allowable, and properly allocated (2 CFR §200.430[i][1][i]). Further, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Ensure documentation is retained for all personnel actions to demonstrate employees’ salaries and wages, including employee-related expenses, are authorized to be charged to the program. 2. Review all employee personnel files for employees currently paid under the program to ensure the required documentation has been retained. If the documentation has not been retained, program management should review the employees’ activities to ensure they are allowable under the program and prepare and retain the required documentation. Further, if employee activities are determined to be unallowable, coordinate with the U.S. Department of Defense to adjust future federal reimbursement requests or repay any unallowable costs the Department charged to the program. 3. Train its Administrative Services Office and Department employees who are responsible for administering federal programs on the documentation and record retention requirements for payroll costs charged to federal programs. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 Arizona Department of Emergency Military Affairs (DEMA), State Human Resources Administration. (2007, October). DEMA Directive 20.1, section 1.3. Retrieved 9/13/2023 from https://dema.az.gov/sites/default/files/2023-08/20.1_State_Human_Resources_Administration_20071001.pdf.
Assistance Listings numbers and names: 14.231 Emergency Solutions Grant Program 14.231 COVID-19—Emergency Solutions Grant Program Award numbers and years: E-20-DW-04-001, July 1, 2020 through September 9, 2022 E-21-DC-04-001, July 1, 2021 through September 9, 2023 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $1,425 Assistance Listings number and name: 14.267 Continuum of Care Program Award numbers and years: AZ0009L9T001912, October 1, 2020 through September 30, 2021; AZ0118L9T002008, February 1, 2021 through January 31, 2022; AZ0011L9T002013, May 1, 2021 through April 30, 2022; AZ0173L9T002004, July 1, 2021 through June 30, 2022; AZ0009L9T002013, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $46,352 Compliance requirement: Subrecipient monitoring Total questioned costs: $47,777 Condition—Contrary to federal regulations and its federal award terms, the Department of Housing (ADOH) and Department of Economic Security (DES) reimbursed 1 nonprofit organization subrecipient for federal program costs totaling $47,777 during fiscal year 2022 that were unsupported, unallowable, and/or paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements. Specifically, we reviewed 51 reimbursements that included Continuum of Care Program and Emergency Solutions Grant Program costs totaling $446,695 and $10,692 for the year, respectively, and found that the departments reimbursed the subrecipient for: • $35,562 for financial and accounting services, travel, and supplies that were paid to 1 of the nonprofit organization’s principal officers, who served as the Treasurer, and their company, which was not disclosed as a conflict of interest to both departments as required by federal laws. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, neither department verified that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. We noted that the allocation method used may have resulted in multiple programs being overbilled for these services by up to $5,087. (ADOH and DES) • $7,274 for bookkeeping services that were not adequately supported by sufficiently detailed invoices and a signed contract having a specified price rate for the services and terms; therefore, we were unable to verify if the amounts paid were appropriate. Further, the departments reimbursed the Treasurer’s family member, whose bookkeeping services company was not disclosed as a conflict of interest to the departments as required by federal regulations. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, the departments did not verify that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. (ADOH and DES) • $4,365 for repairs and maintenance, travel, and supplies that were paid to another principal officer who performed various handyman services, including plumbing, painting, and building repairs, that were not adequately supported by a contract having specified price rates for the services and terms; therefore, we were unable to verify if the amounts reimbursed by ADOH were appropriate. Further, ADOH reimbursed the principal officer, whose services were not disclosed as a conflict of interest to ADOH as required by its contract with the subrecipient and federal regulations. (ADOH) • $576 for incentive payments to the subrecipient’s executive director without documentation demonstrating it was authorized by an agreement, reasonable for the services performed as provided in the subrecipient’s policies, and consistent with compensation paid for similar work in other activities; therefore, we were unable to verify if the amounts reimbursed by ADOH were allowable. (ADOH) Additionally, contrary to federal regulations, the departments had not ensured that the subrecipient implemented competitive purchasing procedures when procuring the professional services and handyman services described above, and the subrecipient was unable to provide documentation that it had competitively procured the services. (ADOH and DES) The Continuum of Care and the Emergency Solutions Grant Programs were not audited as major federal programs for the State’s fiscal year 2022 single audit; therefore, the scope of our review was not sufficient to determine whether the departments or their subrecipients complied with all applicable federal requirements for these programs. During the audit, we became aware of the potentially noncompliant 51 reimbursements involving 1 of the departments’ nonprofit subrecipients with which they partner to carry out federal and State programs, including the Continuum of Care Program, the Emergency Solutions Grants Program, and Temporary Assistance to Needy Families (TANF), which was audited as a major federal program for fiscal year 2022, as well as the State Housing Trust Fund. Our review of select reimbursements to this subrecipient resulted in similar findings for the TANF federal program and the State Housing Trust Fund that are described in items 2022-114 and 2022-05, respectively. Effect—The departments’ lack of required monitoring increased the risk that the monies it awarded to 1 nonprofit organization may not have been spent in accordance with the award terms and program requirements. Further, the departments’ reimbursing the subrecipient for $47,777 of unallowable or unsupported costs and/or costs paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements resulted in those monies being unavailable to be spent for their intended purpose of providing housing assistance to those in need. Consequently, the departments may be required to return these monies to the federal agencies in accordance with federal requirements.1 Cause—ADOH had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. Also, ADOH had not properly assessed this subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, ADOH was unaware that the subrecipient had not informed it of principal officers’ conflicts of interest so that ADOH could ensure that those principal officers or their immediate family member were not involved in decision-making related to those conflicts and selectively reviewed the related costs and activities for compliance purposes. Further, ADOH personnel responsible for reviewing and approving the subrecipient’s reimbursement requests reported to us that they were trained to not follow its policies and procedures but, instead, to approve any costs that had been previously reimbursed. As reported in finding 2022-114, although the DES subrecipient-monitoring policies and procedures did not require it to obtain from subrecipients documentation supporting charges for personal and contracted professional services to verify allowability when subrecipients requested reimbursement, the policies and procedures required an on-site monitoring visit once every 3 years for each subrecipient in which it reviews a sample of the subrecipient’s personal and professional services charges. However, DES had not performed an on-site monitoring visit of the nonprofit subrecipient since 2018 because it had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. In addition, DES had not properly assessed the subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, the Division was unaware that the subrecipient had not informed it of a principal officer’s conflicts of interest so that the Division could ensure that the principal officer or their immediate family member were not involved in decision-making related to those conflicts and selectively review the related costs and activities for compliance purposes. Criteria—Federal regulations require the Departments to monitor subrecipients and include required procedures for assessing the risk of each subrecipient’s noncompliance and implementing appropriate monitoring procedures to address those risk assessments; verifying single audits were conducted timely, if required; reviewing financial and performance reports; following up on and ensuring corrective action is taken on deficiencies that could potentially affect the program; and issuing management decisions on the results of audit findings or monitoring (2 CFR §§200.332, .339, and .521). Federal regulations provide that monitoring procedures the Departments may implement to address a subrecipient’s risk assessment include providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs (2 CFR §200.332[e]). Further, federal regulations require the Departments’ subrecipients to allocate allowable costs using a reasonable basis, to use competitive purchasing standards when procuring goods and services, and to disclose in writing to the Departments any potential conflicts of interest.2 Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Departments should: 1. Immediately stop reimbursing the nonprofit subrecipient for costs that are unsupported, unallowable, and/or paid to the nonprofit subrecipient’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements without obtaining documentation to support they comply with the program’s requirements and take appropriate enforcement actions in accordance with its subaward contract. (ADOH and DES) 2. Update its written policies and procedures for reviewing and approving subrecipient reimbursement requests to include a process to ensure costs are adequately supported and allowable in accordance with program requirements. (ADOH and DES) 3. Train personnel responsible for reviewing and approving subrecipient reimbursement requests on how to identify costs that are unallowable under federal regulations. (ADOH) 4. Assess the risk of each subrecipient’s noncompliance and perform the appropriate monitoring procedures based on the assessed risk, such as providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs for allowability. (ADOH and DES) 5. Ensure subrecipients allocate allowable costs using a reasonable basis, use competitive purchasing standards when procuring goods and services, and disclose in writing to the Departments any potential conflicts of interest. The Departments may need to provide training and technical assistance to subrecipients that addresses these compliance areas, including the Departments’ obtaining conflict-of-interest disclosures from subrecipients as part of the subaward contract, as an example, or otherwise establishing a communication mechanism for subrecipients to use as such conflicts arise. (ADOH and DES) 6. Continue to work with the nonprofit subrecipient to resolve the $47,777 in unallowable costs, including recovering these monies from the subrecipient and assessing the continued need to use this subrecipient for services. (ADOH and DES) 7. Work with the federal agencies to resolve the $47,777 of unallowable costs that it reimbursed, which may involve returning monies to the agencies. (ADOH and DES) The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 The applicable federal requirements related to allowable costs, competitive purchasing, and conflicts of interest can be found in the Code of Federal Regulations at 2 CFR §§200.112, .318-.327, and Subpart E, and 24 CFR §578.95 and 45 CFR §75.112.
Assistance Listings numbers and names: 14.231 Emergency Solutions Grant Program 14.231 COVID-19—Emergency Solutions Grant Program Award numbers and years: E-20-DW-04-001, July 1, 2020 through September 9, 2022 E-21-DC-04-001, July 1, 2021 through September 9, 2023 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $1,425 Assistance Listings number and name: 14.267 Continuum of Care Program Award numbers and years: AZ0009L9T001912, October 1, 2020 through September 30, 2021; AZ0118L9T002008, February 1, 2021 through January 31, 2022; AZ0011L9T002013, May 1, 2021 through April 30, 2022; AZ0173L9T002004, July 1, 2021 through June 30, 2022; AZ0009L9T002013, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $46,352 Compliance requirement: Subrecipient monitoring Total questioned costs: $47,777 Condition—Contrary to federal regulations and its federal award terms, the Department of Housing (ADOH) and Department of Economic Security (DES) reimbursed 1 nonprofit organization subrecipient for federal program costs totaling $47,777 during fiscal year 2022 that were unsupported, unallowable, and/or paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements. Specifically, we reviewed 51 reimbursements that included Continuum of Care Program and Emergency Solutions Grant Program costs totaling $446,695 and $10,692 for the year, respectively, and found that the departments reimbursed the subrecipient for: • $35,562 for financial and accounting services, travel, and supplies that were paid to 1 of the nonprofit organization’s principal officers, who served as the Treasurer, and their company, which was not disclosed as a conflict of interest to both departments as required by federal laws. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, neither department verified that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. We noted that the allocation method used may have resulted in multiple programs being overbilled for these services by up to $5,087. (ADOH and DES) • $7,274 for bookkeeping services that were not adequately supported by sufficiently detailed invoices and a signed contract having a specified price rate for the services and terms; therefore, we were unable to verify if the amounts paid were appropriate. Further, the departments reimbursed the Treasurer’s family member, whose bookkeeping services company was not disclosed as a conflict of interest to the departments as required by federal regulations. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, the departments did not verify that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. (ADOH and DES) • $4,365 for repairs and maintenance, travel, and supplies that were paid to another principal officer who performed various handyman services, including plumbing, painting, and building repairs, that were not adequately supported by a contract having specified price rates for the services and terms; therefore, we were unable to verify if the amounts reimbursed by ADOH were appropriate. Further, ADOH reimbursed the principal officer, whose services were not disclosed as a conflict of interest to ADOH as required by its contract with the subrecipient and federal regulations. (ADOH) • $576 for incentive payments to the subrecipient’s executive director without documentation demonstrating it was authorized by an agreement, reasonable for the services performed as provided in the subrecipient’s policies, and consistent with compensation paid for similar work in other activities; therefore, we were unable to verify if the amounts reimbursed by ADOH were allowable. (ADOH) Additionally, contrary to federal regulations, the departments had not ensured that the subrecipient implemented competitive purchasing procedures when procuring the professional services and handyman services described above, and the subrecipient was unable to provide documentation that it had competitively procured the services. (ADOH and DES) The Continuum of Care and the Emergency Solutions Grant Programs were not audited as major federal programs for the State’s fiscal year 2022 single audit; therefore, the scope of our review was not sufficient to determine whether the departments or their subrecipients complied with all applicable federal requirements for these programs. During the audit, we became aware of the potentially noncompliant 51 reimbursements involving 1 of the departments’ nonprofit subrecipients with which they partner to carry out federal and State programs, including the Continuum of Care Program, the Emergency Solutions Grants Program, and Temporary Assistance to Needy Families (TANF), which was audited as a major federal program for fiscal year 2022, as well as the State Housing Trust Fund. Our review of select reimbursements to this subrecipient resulted in similar findings for the TANF federal program and the State Housing Trust Fund that are described in items 2022-114 and 2022-05, respectively. Effect—The departments’ lack of required monitoring increased the risk that the monies it awarded to 1 nonprofit organization may not have been spent in accordance with the award terms and program requirements. Further, the departments’ reimbursing the subrecipient for $47,777 of unallowable or unsupported costs and/or costs paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements resulted in those monies being unavailable to be spent for their intended purpose of providing housing assistance to those in need. Consequently, the departments may be required to return these monies to the federal agencies in accordance with federal requirements.1 Cause—ADOH had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. Also, ADOH had not properly assessed this subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, ADOH was unaware that the subrecipient had not informed it of principal officers’ conflicts of interest so that ADOH could ensure that those principal officers or their immediate family member were not involved in decision-making related to those conflicts and selectively reviewed the related costs and activities for compliance purposes. Further, ADOH personnel responsible for reviewing and approving the subrecipient’s reimbursement requests reported to us that they were trained to not follow its policies and procedures but, instead, to approve any costs that had been previously reimbursed. As reported in finding 2022-114, although the DES subrecipient-monitoring policies and procedures did not require it to obtain from subrecipients documentation supporting charges for personal and contracted professional services to verify allowability when subrecipients requested reimbursement, the policies and procedures required an on-site monitoring visit once every 3 years for each subrecipient in which it reviews a sample of the subrecipient’s personal and professional services charges. However, DES had not performed an on-site monitoring visit of the nonprofit subrecipient since 2018 because it had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. In addition, DES had not properly assessed the subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, the Division was unaware that the subrecipient had not informed it of a principal officer’s conflicts of interest so that the Division could ensure that the principal officer or their immediate family member were not involved in decision-making related to those conflicts and selectively review the related costs and activities for compliance purposes. Criteria—Federal regulations require the Departments to monitor subrecipients and include required procedures for assessing the risk of each subrecipient’s noncompliance and implementing appropriate monitoring procedures to address those risk assessments; verifying single audits were conducted timely, if required; reviewing financial and performance reports; following up on and ensuring corrective action is taken on deficiencies that could potentially affect the program; and issuing management decisions on the results of audit findings or monitoring (2 CFR §§200.332, .339, and .521). Federal regulations provide that monitoring procedures the Departments may implement to address a subrecipient’s risk assessment include providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs (2 CFR §200.332[e]). Further, federal regulations require the Departments’ subrecipients to allocate allowable costs using a reasonable basis, to use competitive purchasing standards when procuring goods and services, and to disclose in writing to the Departments any potential conflicts of interest.2 Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Departments should: 1. Immediately stop reimbursing the nonprofit subrecipient for costs that are unsupported, unallowable, and/or paid to the nonprofit subrecipient’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements without obtaining documentation to support they comply with the program’s requirements and take appropriate enforcement actions in accordance with its subaward contract. (ADOH and DES) 2. Update its written policies and procedures for reviewing and approving subrecipient reimbursement requests to include a process to ensure costs are adequately supported and allowable in accordance with program requirements. (ADOH and DES) 3. Train personnel responsible for reviewing and approving subrecipient reimbursement requests on how to identify costs that are unallowable under federal regulations. (ADOH) 4. Assess the risk of each subrecipient’s noncompliance and perform the appropriate monitoring procedures based on the assessed risk, such as providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs for allowability. (ADOH and DES) 5. Ensure subrecipients allocate allowable costs using a reasonable basis, use competitive purchasing standards when procuring goods and services, and disclose in writing to the Departments any potential conflicts of interest. The Departments may need to provide training and technical assistance to subrecipients that addresses these compliance areas, including the Departments’ obtaining conflict-of-interest disclosures from subrecipients as part of the subaward contract, as an example, or otherwise establishing a communication mechanism for subrecipients to use as such conflicts arise. (ADOH and DES) 6. Continue to work with the nonprofit subrecipient to resolve the $47,777 in unallowable costs, including recovering these monies from the subrecipient and assessing the continued need to use this subrecipient for services. (ADOH and DES) 7. Work with the federal agencies to resolve the $47,777 of unallowable costs that it reimbursed, which may involve returning monies to the agencies. (ADOH and DES) The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 The applicable federal requirements related to allowable costs, competitive purchasing, and conflicts of interest can be found in the Code of Federal Regulations at 2 CFR §§200.112, .318-.327, and Subpart E, and 24 CFR §578.95 and 45 CFR §75.112.
Assistance Listings numbers and names: 14.231 Emergency Solutions Grant Program 14.231 COVID-19—Emergency Solutions Grant Program Award numbers and years: E-20-DW-04-001, July 1, 2020 through September 9, 2022 E-21-DC-04-001, July 1, 2021 through September 9, 2023 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $1,425 Assistance Listings number and name: 14.267 Continuum of Care Program Award numbers and years: AZ0009L9T001912, October 1, 2020 through September 30, 2021; AZ0118L9T002008, February 1, 2021 through January 31, 2022; AZ0011L9T002013, May 1, 2021 through April 30, 2022; AZ0173L9T002004, July 1, 2021 through June 30, 2022; AZ0009L9T002013, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $46,352 Compliance requirement: Subrecipient monitoring Total questioned costs: $47,777 Condition—Contrary to federal regulations and its federal award terms, the Department of Housing (ADOH) and Department of Economic Security (DES) reimbursed 1 nonprofit organization subrecipient for federal program costs totaling $47,777 during fiscal year 2022 that were unsupported, unallowable, and/or paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements. Specifically, we reviewed 51 reimbursements that included Continuum of Care Program and Emergency Solutions Grant Program costs totaling $446,695 and $10,692 for the year, respectively, and found that the departments reimbursed the subrecipient for: • $35,562 for financial and accounting services, travel, and supplies that were paid to 1 of the nonprofit organization’s principal officers, who served as the Treasurer, and their company, which was not disclosed as a conflict of interest to both departments as required by federal laws. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, neither department verified that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. We noted that the allocation method used may have resulted in multiple programs being overbilled for these services by up to $5,087. (ADOH and DES) • $7,274 for bookkeeping services that were not adequately supported by sufficiently detailed invoices and a signed contract having a specified price rate for the services and terms; therefore, we were unable to verify if the amounts paid were appropriate. Further, the departments reimbursed the Treasurer’s family member, whose bookkeeping services company was not disclosed as a conflict of interest to the departments as required by federal regulations. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, the departments did not verify that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. (ADOH and DES) • $4,365 for repairs and maintenance, travel, and supplies that were paid to another principal officer who performed various handyman services, including plumbing, painting, and building repairs, that were not adequately supported by a contract having specified price rates for the services and terms; therefore, we were unable to verify if the amounts reimbursed by ADOH were appropriate. Further, ADOH reimbursed the principal officer, whose services were not disclosed as a conflict of interest to ADOH as required by its contract with the subrecipient and federal regulations. (ADOH) • $576 for incentive payments to the subrecipient’s executive director without documentation demonstrating it was authorized by an agreement, reasonable for the services performed as provided in the subrecipient’s policies, and consistent with compensation paid for similar work in other activities; therefore, we were unable to verify if the amounts reimbursed by ADOH were allowable. (ADOH) Additionally, contrary to federal regulations, the departments had not ensured that the subrecipient implemented competitive purchasing procedures when procuring the professional services and handyman services described above, and the subrecipient was unable to provide documentation that it had competitively procured the services. (ADOH and DES) The Continuum of Care and the Emergency Solutions Grant Programs were not audited as major federal programs for the State’s fiscal year 2022 single audit; therefore, the scope of our review was not sufficient to determine whether the departments or their subrecipients complied with all applicable federal requirements for these programs. During the audit, we became aware of the potentially noncompliant 51 reimbursements involving 1 of the departments’ nonprofit subrecipients with which they partner to carry out federal and State programs, including the Continuum of Care Program, the Emergency Solutions Grants Program, and Temporary Assistance to Needy Families (TANF), which was audited as a major federal program for fiscal year 2022, as well as the State Housing Trust Fund. Our review of select reimbursements to this subrecipient resulted in similar findings for the TANF federal program and the State Housing Trust Fund that are described in items 2022-114 and 2022-05, respectively. Effect—The departments’ lack of required monitoring increased the risk that the monies it awarded to 1 nonprofit organization may not have been spent in accordance with the award terms and program requirements. Further, the departments’ reimbursing the subrecipient for $47,777 of unallowable or unsupported costs and/or costs paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements resulted in those monies being unavailable to be spent for their intended purpose of providing housing assistance to those in need. Consequently, the departments may be required to return these monies to the federal agencies in accordance with federal requirements.1 Cause—ADOH had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. Also, ADOH had not properly assessed this subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, ADOH was unaware that the subrecipient had not informed it of principal officers’ conflicts of interest so that ADOH could ensure that those principal officers or their immediate family member were not involved in decision-making related to those conflicts and selectively reviewed the related costs and activities for compliance purposes. Further, ADOH personnel responsible for reviewing and approving the subrecipient’s reimbursement requests reported to us that they were trained to not follow its policies and procedures but, instead, to approve any costs that had been previously reimbursed. As reported in finding 2022-114, although the DES subrecipient-monitoring policies and procedures did not require it to obtain from subrecipients documentation supporting charges for personal and contracted professional services to verify allowability when subrecipients requested reimbursement, the policies and procedures required an on-site monitoring visit once every 3 years for each subrecipient in which it reviews a sample of the subrecipient’s personal and professional services charges. However, DES had not performed an on-site monitoring visit of the nonprofit subrecipient since 2018 because it had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. In addition, DES had not properly assessed the subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, the Division was unaware that the subrecipient had not informed it of a principal officer’s conflicts of interest so that the Division could ensure that the principal officer or their immediate family member were not involved in decision-making related to those conflicts and selectively review the related costs and activities for compliance purposes. Criteria—Federal regulations require the Departments to monitor subrecipients and include required procedures for assessing the risk of each subrecipient’s noncompliance and implementing appropriate monitoring procedures to address those risk assessments; verifying single audits were conducted timely, if required; reviewing financial and performance reports; following up on and ensuring corrective action is taken on deficiencies that could potentially affect the program; and issuing management decisions on the results of audit findings or monitoring (2 CFR §§200.332, .339, and .521). Federal regulations provide that monitoring procedures the Departments may implement to address a subrecipient’s risk assessment include providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs (2 CFR §200.332[e]). Further, federal regulations require the Departments’ subrecipients to allocate allowable costs using a reasonable basis, to use competitive purchasing standards when procuring goods and services, and to disclose in writing to the Departments any potential conflicts of interest.2 Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Departments should: 1. Immediately stop reimbursing the nonprofit subrecipient for costs that are unsupported, unallowable, and/or paid to the nonprofit subrecipient’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements without obtaining documentation to support they comply with the program’s requirements and take appropriate enforcement actions in accordance with its subaward contract. (ADOH and DES) 2. Update its written policies and procedures for reviewing and approving subrecipient reimbursement requests to include a process to ensure costs are adequately supported and allowable in accordance with program requirements. (ADOH and DES) 3. Train personnel responsible for reviewing and approving subrecipient reimbursement requests on how to identify costs that are unallowable under federal regulations. (ADOH) 4. Assess the risk of each subrecipient’s noncompliance and perform the appropriate monitoring procedures based on the assessed risk, such as providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs for allowability. (ADOH and DES) 5. Ensure subrecipients allocate allowable costs using a reasonable basis, use competitive purchasing standards when procuring goods and services, and disclose in writing to the Departments any potential conflicts of interest. The Departments may need to provide training and technical assistance to subrecipients that addresses these compliance areas, including the Departments’ obtaining conflict-of-interest disclosures from subrecipients as part of the subaward contract, as an example, or otherwise establishing a communication mechanism for subrecipients to use as such conflicts arise. (ADOH and DES) 6. Continue to work with the nonprofit subrecipient to resolve the $47,777 in unallowable costs, including recovering these monies from the subrecipient and assessing the continued need to use this subrecipient for services. (ADOH and DES) 7. Work with the federal agencies to resolve the $47,777 of unallowable costs that it reimbursed, which may involve returning monies to the agencies. (ADOH and DES) The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 The applicable federal requirements related to allowable costs, competitive purchasing, and conflicts of interest can be found in the Code of Federal Regulations at 2 CFR §§200.112, .318-.327, and Subpart E, and 24 CFR §578.95 and 45 CFR §75.112.
Assistance Listings numbers and names: 14.231 Emergency Solutions Grant Program 14.231 COVID-19—Emergency Solutions Grant Program Award numbers and years: E-20-DW-04-001, July 1, 2020 through September 9, 2022 E-21-DC-04-001, July 1, 2021 through September 9, 2023 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $1,425 Assistance Listings number and name: 14.267 Continuum of Care Program Award numbers and years: AZ0009L9T001912, October 1, 2020 through September 30, 2021; AZ0118L9T002008, February 1, 2021 through January 31, 2022; AZ0011L9T002013, May 1, 2021 through April 30, 2022; AZ0173L9T002004, July 1, 2021 through June 30, 2022; AZ0009L9T002013, October 1, 2021 through September 30, 2022 Federal agency: U.S. Department of Housing and Urban Development Questioned costs: $46,352 Compliance requirement: Subrecipient monitoring Total questioned costs: $47,777 Condition—Contrary to federal regulations and its federal award terms, the Department of Housing (ADOH) and Department of Economic Security (DES) reimbursed 1 nonprofit organization subrecipient for federal program costs totaling $47,777 during fiscal year 2022 that were unsupported, unallowable, and/or paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements. Specifically, we reviewed 51 reimbursements that included Continuum of Care Program and Emergency Solutions Grant Program costs totaling $446,695 and $10,692 for the year, respectively, and found that the departments reimbursed the subrecipient for: • $35,562 for financial and accounting services, travel, and supplies that were paid to 1 of the nonprofit organization’s principal officers, who served as the Treasurer, and their company, which was not disclosed as a conflict of interest to both departments as required by federal laws. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, neither department verified that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. We noted that the allocation method used may have resulted in multiple programs being overbilled for these services by up to $5,087. (ADOH and DES) • $7,274 for bookkeeping services that were not adequately supported by sufficiently detailed invoices and a signed contract having a specified price rate for the services and terms; therefore, we were unable to verify if the amounts paid were appropriate. Further, the departments reimbursed the Treasurer’s family member, whose bookkeeping services company was not disclosed as a conflict of interest to the departments as required by federal regulations. Also, the subrecipient allocated these costs to other federal programs and nonfederal activities; however, the departments did not verify that the allocation method the subrecipient used was reasonable or that the costs, as allocated, were allowed by the programs’ requirements. (ADOH and DES) • $4,365 for repairs and maintenance, travel, and supplies that were paid to another principal officer who performed various handyman services, including plumbing, painting, and building repairs, that were not adequately supported by a contract having specified price rates for the services and terms; therefore, we were unable to verify if the amounts reimbursed by ADOH were appropriate. Further, ADOH reimbursed the principal officer, whose services were not disclosed as a conflict of interest to ADOH as required by its contract with the subrecipient and federal regulations. (ADOH) • $576 for incentive payments to the subrecipient’s executive director without documentation demonstrating it was authorized by an agreement, reasonable for the services performed as provided in the subrecipient’s policies, and consistent with compensation paid for similar work in other activities; therefore, we were unable to verify if the amounts reimbursed by ADOH were allowable. (ADOH) Additionally, contrary to federal regulations, the departments had not ensured that the subrecipient implemented competitive purchasing procedures when procuring the professional services and handyman services described above, and the subrecipient was unable to provide documentation that it had competitively procured the services. (ADOH and DES) The Continuum of Care and the Emergency Solutions Grant Programs were not audited as major federal programs for the State’s fiscal year 2022 single audit; therefore, the scope of our review was not sufficient to determine whether the departments or their subrecipients complied with all applicable federal requirements for these programs. During the audit, we became aware of the potentially noncompliant 51 reimbursements involving 1 of the departments’ nonprofit subrecipients with which they partner to carry out federal and State programs, including the Continuum of Care Program, the Emergency Solutions Grants Program, and Temporary Assistance to Needy Families (TANF), which was audited as a major federal program for fiscal year 2022, as well as the State Housing Trust Fund. Our review of select reimbursements to this subrecipient resulted in similar findings for the TANF federal program and the State Housing Trust Fund that are described in items 2022-114 and 2022-05, respectively. Effect—The departments’ lack of required monitoring increased the risk that the monies it awarded to 1 nonprofit organization may not have been spent in accordance with the award terms and program requirements. Further, the departments’ reimbursing the subrecipient for $47,777 of unallowable or unsupported costs and/or costs paid to the nonprofit organization’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements resulted in those monies being unavailable to be spent for their intended purpose of providing housing assistance to those in need. Consequently, the departments may be required to return these monies to the federal agencies in accordance with federal requirements.1 Cause—ADOH had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. Also, ADOH had not properly assessed this subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, ADOH was unaware that the subrecipient had not informed it of principal officers’ conflicts of interest so that ADOH could ensure that those principal officers or their immediate family member were not involved in decision-making related to those conflicts and selectively reviewed the related costs and activities for compliance purposes. Further, ADOH personnel responsible for reviewing and approving the subrecipient’s reimbursement requests reported to us that they were trained to not follow its policies and procedures but, instead, to approve any costs that had been previously reimbursed. As reported in finding 2022-114, although the DES subrecipient-monitoring policies and procedures did not require it to obtain from subrecipients documentation supporting charges for personal and contracted professional services to verify allowability when subrecipients requested reimbursement, the policies and procedures required an on-site monitoring visit once every 3 years for each subrecipient in which it reviews a sample of the subrecipient’s personal and professional services charges. However, DES had not performed an on-site monitoring visit of the nonprofit subrecipient since 2018 because it had not yet resumed all its subrecipient-monitoring activities, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities during the COVID-19 pandemic during fiscal year 2020. In addition, DES had not properly assessed the subrecipient’s risk of noncompliance with its award contract and program requirements to determine the level of monitoring procedures or training the subrecipient needed. For example, the Division was unaware that the subrecipient had not informed it of a principal officer’s conflicts of interest so that the Division could ensure that the principal officer or their immediate family member were not involved in decision-making related to those conflicts and selectively review the related costs and activities for compliance purposes. Criteria—Federal regulations require the Departments to monitor subrecipients and include required procedures for assessing the risk of each subrecipient’s noncompliance and implementing appropriate monitoring procedures to address those risk assessments; verifying single audits were conducted timely, if required; reviewing financial and performance reports; following up on and ensuring corrective action is taken on deficiencies that could potentially affect the program; and issuing management decisions on the results of audit findings or monitoring (2 CFR §§200.332, .339, and .521). Federal regulations provide that monitoring procedures the Departments may implement to address a subrecipient’s risk assessment include providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs (2 CFR §200.332[e]). Further, federal regulations require the Departments’ subrecipients to allocate allowable costs using a reasonable basis, to use competitive purchasing standards when procuring goods and services, and to disclose in writing to the Departments any potential conflicts of interest.2 Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Departments should: 1. Immediately stop reimbursing the nonprofit subrecipient for costs that are unsupported, unallowable, and/or paid to the nonprofit subrecipient’s principal officers or their immediate family member in violation of conflict-of-interest disclosure requirements without obtaining documentation to support they comply with the program’s requirements and take appropriate enforcement actions in accordance with its subaward contract. (ADOH and DES) 2. Update its written policies and procedures for reviewing and approving subrecipient reimbursement requests to include a process to ensure costs are adequately supported and allowable in accordance with program requirements. (ADOH and DES) 3. Train personnel responsible for reviewing and approving subrecipient reimbursement requests on how to identify costs that are unallowable under federal regulations. (ADOH) 4. Assess the risk of each subrecipient’s noncompliance and perform the appropriate monitoring procedures based on the assessed risk, such as providing training or technical assistance on program-related matters and performing on-site reviews and selective audits of reimbursed costs for allowability. (ADOH and DES) 5. Ensure subrecipients allocate allowable costs using a reasonable basis, use competitive purchasing standards when procuring goods and services, and disclose in writing to the Departments any potential conflicts of interest. The Departments may need to provide training and technical assistance to subrecipients that addresses these compliance areas, including the Departments’ obtaining conflict-of-interest disclosures from subrecipients as part of the subaward contract, as an example, or otherwise establishing a communication mechanism for subrecipients to use as such conflicts arise. (ADOH and DES) 6. Continue to work with the nonprofit subrecipient to resolve the $47,777 in unallowable costs, including recovering these monies from the subrecipient and assessing the continued need to use this subrecipient for services. (ADOH and DES) 7. Work with the federal agencies to resolve the $47,777 of unallowable costs that it reimbursed, which may involve returning monies to the agencies. (ADOH and DES) The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521). 2 The applicable federal requirements related to allowable costs, competitive purchasing, and conflicts of interest can be found in the Code of Federal Regulations at 2 CFR §§200.112, .318-.327, and Subpart E, and 24 CFR §578.95 and 45 CFR §75.112.
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Eligibility Questioned costs: $10,000 Condition—Contrary to federal regulations and its policies and procedures, the Department of Economic Security—Division of Employment and Rehabilitation Services (Division) made benefits payments totaling $10,000 to individuals for the State’s Return-to-Work Bonus Program for which it lacked documentation to support that it paid only those individuals who were eligible to receive them. We tested 67 individuals who received benefit payments and found that the Division made benefit payments to 5 individuals totaling $10,000 for which it lacked documentation to support the eligibility determinations.1 This calculates to a 7.5 percent exception rate for our 67 individual eligibility sample, totaling $133,000. Effect—The Division’s payment of $10,000 of program benefits for which it lacked documentation showing the 5 individuals were eligible beneficiaries increases the risk that the Division may not have been able to effectively prevent or detect fraud. Consequently, the Division may be required to return $10,000 to the federal agency.2 Cause—The Division’s management reported that it contracted with a third party to implement and use a new, temporary benefits system for the State’s Return-to-Work Bonus Program from July 1, 2021, through December 31, 2021.1 When the program and the Department’s contract with the third party ended, the Division did not ensure that the third-party contractor provided it with a complete set of program documentation that was derived from the system. Criteria—Federal regulations require the Division to retain all federal program records for a period of 3 years from the submission date of the final expenditure report to the federal agency (2 CFR §200.334). In addition, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—This program ended on December 31, 2021, and the Division’s management reported to us that it received all the records related to the federal program from the third-party contractor when operations of the State’s Return-to-Work Bonus Program and related benefits system ceased.1 However, to the extent possible for this program and for all future federal programs the Division administers, the Division should: 1. Ensure subaward entities provide all records and the Division retains all records relating to a federal award for a period of 3 years from the date it submits the final expenditure report. 2. Work with the State of Arizona Office of the Governor and U.S. Department of the Treasury to resolve the $10,000 in questioned costs.2 The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 To be eligible for the State’s Return-to-Work Bonus Program benefits, individuals had to have filed, received, and been deemed eligible for Unemployment Insurance program benefits in Arizona between the period of May 8, 2021, and May 15, 2021. The benefit payments consisted of bonus payments of either $1,000 or $2,000, with a total maximum benefit amount of $2,000 per eligible individual. The State’s Return-to-Work Bonus Program was funded by the federal Coronavirus State and Local Fiscal Recovery Funds, an American Rescue Plan Act of 2021 program (Public Law 117-2), as administered by the Arizona Governor’s Office. The Department of Economic Security operated the program from July 1, 2021, through December 31, 2021, and the program ended on December 31, 2021. (State of Arizona, Office of the Governor and Department of Economic Security Interagency Service Agreement No. ISA-DES-ARPA-070121-02). 2 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient, the Office of the Governor, takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).