Due Diligence And Oversight of Vendors in the Current Regulatory Environment: What Nonprofits Need to Know November 28, 2017

Transcription

1 Due Diligence And Oversight of Vendors in the Current Regulatory Environment: What Nonprofits Need to Know November 28, 2017 BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company BDO KNOWLEDGE limited by guarantee, Webinar Series and forms Due part Diligence of the And Oversight of Vendors international BDO network of independent member firms. Page 1 /

2 CPE AND SUPPORT CPE Participation Requirements To receive CPE credit for this webcast: You ll need to actively participate throughout the program. Be responsive to at least 75% of the participation pop-ups. Please refer to the CPE & Support Handout in the Handouts section for more information about group participation and CPE certificates. Q&A: Submit all questions using the Q&A feature on the lower right corner of the screen. At the end of the presentation, the presenter(s) will review and answer all questions submitted. Technical Support: If you should have technical issues, please contact LearnLive: Click on the Live Chat icon under the Support tab, OR call: Audio Audio will be streamed through your computer speakers. If you experience audio issues during today s presentation please dial into the teleconference: , teleconference code: Page 2

3 WITH YOU TODAY Andrea Wilson Partner Nonprofit and Education Advisory Services BDO USA, LLP 8401 Greensboro Drive Suite 800 Direct: (703) Ken Eye Director Nonprofit and Education Advisory Services BDO USA, LLP 8401 Greensboro Drive Suite 800 Direct: (703) Page 3

4 USE OF VENDORS FOR NONPROFITS The use of vendors is a necessary component of program implementation. However, the use of vendors comes with certain risks that must be mitigated. Question: How do you protect your organization? Answer: Due Diligence and Oversight Page 4

5 DILIGENCE AND OVERSIGHT Includes internal and external processes to identity risks to the organization and its mission (including fraud, waste and abuse). A holistic process for vendor oversight encompassing: - Pre-Award Evaluations/Vetting & the Procurement Process - Active Monitoring and Evaluation - Closeout and Post Award Review - Independent Monitoring (e.g. Internal Audit) Page 5

6 POSSIBLE CONSEQUENCES OF INADEQUATE OVERSIGHT 990 Disclosure Damage to an organization s reputation Loss of current grant funds Decline in future revenue sources Increased donor oversight Temporary suspension or debarment if federally funded Financial, legal, and personnel costs associated with the outcome of regulatory inquiries. Page 6

7 WHAT ARE THE THREE MAIN KINDS OF FRAUD? Corruption Asset Misappropriation Financial Statement Fraud Page 7

8 PREVALENCE OF INTERNAL CONTROL WEAKNESSES Reported in the Association of Certified Fraud Examiner s 2016 Report to the Nations on Occupational Fraud and Abuse Page 8

9 PRE-AWARD EVALUATIONS AND THE PROCUREMENT PROCESS Documented procurement policies and procedures Develop a Request for Proposal Form (RFP) tailored the organization s specific needs. Provide written guidance. This helps establish a standard baseline, by which to evaluate all potential vendors. Be cognizant of all Federal, State, Local, and Foreign regulations as applicable to your organization and the program being implemented. Run potential contracts through procurement and/or legal departments. - Do NOT rely on Memorandums of Agreement/Understanding as the primary governing document of the business relationship; These can leave an organization with limited legal recourses should an issue arise. Page 9

10 PRE-AWARD EVALUATIONS AND THE PROCUREMENT PROCESS Compare vendor pricing structure to industry standards Ensure the Vendor is not currently listed as a prohibited source with the US Department of Labor, Office of Federal Contract Compliance Programs (OFCCP). - This can be checked with a free System for Awards Management check at: - Run key personnel, addresses, phone numbers, and other pertinent information associated with each through this system for any potential matches. Prohibited sources often change names. Make a Better Business Bureau Inquiry Benchmarking Page 10

11 PRE-AWARD EVALUATIONS AND THE PROCUREMENT PROCESS Evaluate Key Vendor Personnel for Possible Connections to / Conflicts of Interests with: - Board Members or relatives of the Organization. Example: A board member or procurement official at a nonprofit being the owner, employee, or stockholder of a vendor bidding on a project. - Collusion Among Bidders. Are frequent go to firms taking turns, thus inflating prices? - Employees of the Government Agency or Entity distributing the grant. - Special attention should be paid to spouses Page 11

12 PRE-AWARD EVALUATIONS AND THE PROCUREMENT PROCESS Best Practice Tip: Considering having all employees prepare and sign a financial disclosure at the beginning of each fiscal year. Financial disclosure statements are a great way to expose potential or perceived conflicts of interests. Run Scenarios: Ask questions beyond the paperwork. Just because a vendor submits a bid does not mean they can perform the task. Research their prior work. Pay extra scrutiny to vendors who have only been in business for a few years. Does the Vendor have Vendors? Many vendors sub-contract tasks or deliverables. If subcontractors are used its best to know what exactly they will be working on and the primary vendor s processes of providing oversight. Page 12

13 CHECK THE VENDOR S PAST PERFORMANCE Has the vendor performed this work before? Results of previous audits? Other donor/governmental audits? Due diligence assessments What does the web say? Page 13

14 PRE-AWARD EVALUATIONS AND THE PROCUREMENT PROCESS Branding and Messaging: An Organization s Brand is its most valuable asset. How do you protect it against potential liabilities when contracting work out? - Clearly establish written guidelines regarding the use of your organization s name and logos in any products or services provided by the vendor. - Agree on a Messaging Strategy and Approval Mechanism for products going to an external audience. - Beware of Auto Renewal Clauses: Should a vendor s reputation or financial health change, the organization does not want to be automatically obligated to retain services. Page 14

15 ACTIVE VENDOR MONITORING AND EVALUATION Ensure all stakeholders are consulted Qualitative and quantitative measures Ensure that adequate internal controls and segregation of duties are in place and followed Pay special attention to invoices with partial payments Identify the key deliverables when a contract is initiated. Establish a system of metrics by which to monitor progress, compliance, and milestones. Collect baseline data. Use good software/tracking Perform site visits to ensure vendor is delivering Product substitution and possible counterfeit parts Provide active feedback Monitor burn rate Active lessons learned feedback Conduct regular assessments and document your findings? Page 15

16 CLOSEOUT AND POST AWARD REVIEW Perform the closeout of a vendor in a timely manner Ensure that deliverables achieved and documented Financial and technical evaluation and close-out Release of claims Page 16

17 INDEPENDENT EVALUATION INTERNAL/EXTERNAL AUDITS Internal Audits Review procurement process Test procurement transactions Perform scopes for specific vendor areas External Audits Review procurement process Regulatory and donor entities may audit your procurement systems this may include sub recipients 2 CRF 200, Subpart D Requirements for federally funded organizations Page 17

18 VENDOR VERIFICATIONS Does the Vendor Exist and Did You Get the Best Price? Page 18

19 INDEPENDENT EVALUATION My organization has limited resources, where do I prioritize my resources? Answer a question with a question: Where are regulatory entities likely to conduct reviews, audits, and investigations? Page 19

20 INDEPENDENT EVALUATION What and Where are Regulatory Entities Likely to Audit? Check the current U.S. Government Accountability Office (GAO) High Risk List published at: Scan relevant Office of Inspector General (OIG) websites for: Annual Plans, Audit Reports, Strategic Plans, etc. that would indicate an increased likelihood of being audited. Is there a statutory requirement to audit the program? Pay attention to political blogs relevant to your industry. World Events: If it s appearing in the news, someone will likely be asking questions. Page 20

21 OTHER PROCUREMENT RESOURCES Use Existing Resources to Focus Your Internal Procurement Review Efforts Organizations such as, the Association of Certified Fraud Examiners, provide a lot of free reports: Cultivate relationships with other Non Profits and Industry Stake Holders: colleagues are often the quickest and most succinct resources of knowledge on procurement. Subscribe to Journals/Periodicals relevant to your industry and attend Conferences/Webinars: staying current to procurement requirements is crucial. - Funding to send staff an issue? Institute a Train the Trainer Program. Send a limited number of employees and have them develop a presentation or summary for the rest of the organization. Page 21

22 BEST PRACTICES Perception Matters When it comes to Regulatory Bodies, Congress, Donors, and the Media, perception matters: - Competence - Accountability - Due Diligence - Responsibility - Responsiveness Was the issue an isolated incident, a break-down in controls, or reckless disregard? Page 22

23 BEST PRACTICES Perception Matters Build in a margin for error in both cost and delivery times for both the organization and the vendor deliverables. Have Contingency Plans - Continuity of operations and programs should a vendor be unable to deliver or separation from the organization becomes a necessity. Bring in expert help early when a crisis emerges. Have strong Payment Control Systems: separate duties and have concrete criteria for issuing payments to ensure the organization is getting what it paid for. Page 23

24 BEST PRACTICES Perception Matters Employee Training: Well trained employees are an organization s greatest asset against possible missteps. Develop continuous employee training programs on topics such as: - Contracting Procedures - Vetting - Internal Controls - Monitoring and Evaluation - Fraud Detection and Prevention Routinely Communicate with all Levels of Employees: Frontline employees are often in the best position to prevent or detect fraud in the day to day execution of their duties. Foster an environment where all employees feel empowered to raise concerns. Page 24

25 WE FOUND AN ISSUE NOW WHAT? Mandatory Disclosure Investigation Notification to Auditors and Authorities Determining Impact and Reputation Risk Possible Legal Remediation with the Vendor Evaluation of Controls Gaps and Remediation Page 25

26 Questions Andrea Wilson Ken Eye Page 26