Finding Text
Finding 2021-006: Subrecipient Monitoring Federal Programs: Research and Development Cluster: 47.076 - STEM +C Criteria or Specific Requirement (Including Statutory, Regulatory, or Other Citation): As stated in 2 CFR 200.331 part (b), all pass-through entities must evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring procedures to prescribe to each individual subrecipient. Condition: During our audit work over subrecipient monitoring, we were unable to verify that pre-award risk assessment procedures were performed. It is our understanding that AAPT has ongoing relationships with these subrecipients and evaluation of these subrecipients' risk is a continual process; however, these procedures were not documented. Cause: AAPT’s internal policies and procedures governing risk assessment on subrecipient was not performed. Effect or Potential Effect: AAPT could inadvertently engage in relationships with subrecipients of higher risk without the appropriate level of oversight to ensure subrecipients are expending funds in accordance with the provisions and terms of the subaward. Questioned Costs: None noted. Context: Our audit procedures consisted of examining documentation of the subrecipient monitoring process, and evaluating internal controls over the process. Identification as a Repeat Finding, if Applicable: 2020-006. Recommendation: We recommend AAPT follow their internal policies and procedures surrounding subrecipients and document the risk assessment criteria for the purpose of determining the expected level of oversight during the period of performance. This evaluation should include a scaling system, such as high, medium or low risk (for example), and the monitoring tools and procedures to be performed at each of these levels (additional
training, on-site reviews, types of and frequency of reporting, etc.).
Views of Responsible Officials and Planned Corrective Actions: Management will continue to
perform risk assessment procedures and will thoroughly document the processes and
evaluations.
Anticipated Completion Date: 12/31/2022
Responsible Official: Michael Brosnan, CFO