ISSUES IMPACTING GOVERNMENTS: FRAUD, DATA MINING AND SINGLE AUDIT Presented By: William Blend, CPA, CFE

Transcription

1 ISSUES IMPACTING GOVERNMENTS: FRAUD, DATA MINING AND SINGLE AUDIT Presented By: William Blend, CPA, CFE

2 ETHICS AND FRAUD BASICS

3 How is Ethics Related to Fraud? Because Ethics is a discipline dealing with what is good and bad with moral duty and obligation. 3

4

5 Some Fraud Basics Fraud Triangle Pressure, Opportunity and Rationalization Fraud Motivation There is not just one! (Money, Ego, Entitlement, Ideology, Coercion) Accidental and Predator Fraudsters More than one type 5

6 Fraudsters More Details Accidental Fraudster Predator Fraudster Focus of Fraud Triangle First Time Offender Well Educated, Male, Middle Class, Good Person Pressure Occurs Rationalization Deliberate, Arrogant Seeks Opportunities No Pressure or Rationalization May Begin as Accidental Criminal Mindset 6

7 Fraud, Waste and Abuse Fraud an illegal act involving the obtaining of something of value through willful misrepresentation. Fraud is a determination to be made through the judicial process. Waste involves not receiving reasonable value for money in connection with any government-funded activities. Abuse involves behavior that is deficient or improper when compared with behavior that a prudent person would consider reasonable and necessary business practice given the facts and circumstances. 7

8 DATA FROM 2016 ACFE REPORT TO THE NATIONS

9 Victim Organizations - Government

10 How Occupational Fraud is Committed Duration of Fraud Based on Scheme Type

11 Detection of Fraud Schemes Initial Detection of Occupational Frauds

12 Detection of Fraud Schemes (Cont.) Source of Tips

13 Perpetrators Position of Perpetrator Frequency and Median Loss

14 Perpetrators (Cont.) Gender of Perpetrator Frequency

15 Perpetrators (Cont.) Age of Perpetrator Frequency & Median Loss

16 Perpetrators (Cont.) Tenure of Perpetrator Frequency and Median Loss

17 Perpetrators (Cont.) Behavioral Red Flags of Perpetrators

18 REAL LIFE CASES - DISCUSSION

19 ORGANIZATION'S ANTI-FRAUD SCORE? FOOD FOR THOUGHT

20 Organizational Fraud Checkup Purpose potential clients think about possible issues that could impact their organization. Consider offering this as a service to clients but remember, they should have legal representation involved. 20

21 Organizational Fraud Checkup (Cont.) Fraud risk oversight to what extent has the organization established a process for oversight of fraud risk by its governance? Fraud risk ownership how has the organization created ownership of fraud risk by identification of parties having responsibilities for fraud risk and communication to others in the organization of responsible parties? Fraud risk assessment to what extent has the organization implemented an ongoing process to evaluate the risk of fraud in the organization? 21

22 Organizational Fraud Checkup (Cont.) Fraud risk tolerance and risk management policy does the organization have an approved fraud risk tolerance and risk management policy which includes a fraud risk component? Process-level anti-fraud controls / re-engineering how has the organization implemented measures to reduce each of the significant fraud risks identified through the fraud risk assessment? 22

23 Organizational Fraud Checkup (Cont.) Environment-level anti-fraud controls to what extent has the organization implemented a process to promote ethical behavior, deter wrongdoing and promote two-way communication on difficult issues? Proactive fraud detection to what extent has the organization established a process to detect, investigate and resolve potentially significant fraud? 23

24 GOVERNMENT AUDIT EXPECTATION GAP

25 Types of Audits Financial statement audits Focuses on looking for misstatements in the financial statements OMB Circular A-133 Compliance Audits (or Single Audits) Focuses on compliance with federal programs requirements and internal control over federal expenditures Forensic (Fraud) Audits Focuses on identification of fraud. Usually, narrowly focuses on specific allegation or suspected fraudulent activity 25

26 Role of Financial Statement Audit Primarily for an opinion about the fair presentation of the financial statements Provide only reasonable assurance that the financial statements are free from material misstatement, regardless of cause, but reasonable is defined as a high level of assurance However, the role shouldn t be taken for granted, as many analytical relationships among the financial statements, when performed by the auditor, can expose the potential issue 26

27 Financial Statement Audits Only a small percentage of fraud detected by financial statement audit Financial statement audits are not fraud or forensic audits Objective is issuing an opinion of financial statements The auditor s report only gives reasonable assurance that there are no material misstatements in the financial statements Auditors are not required to detect fraud 27

28 Financial Statement Audits (Cont.) Auditor s consideration of fraud risk is limited to material misstatements in the financial statements Auditors obtain an understanding of internal control over financial reporting when planning the audit A financial statement audit can provide valuable insight into adequacy of internal controls Control weaknesses could be key indicator of a fraud opportunity Auditors must exercise professional skepticism during the audit 28

29 DATA MINING

30 Data Mining Basics Reasons for Using Challenges Process Basic Data Analysis Techniques 30

31 Data Mining - Basics Data analysis can be used to search for patterns, anomalies and trends which may indicate potential error or fraud Data analysis tools can be used as part of a governments monitoring component of internal controls Data analysis allows for the evaluation of large amounts of data (big data) Big data is defined by Merriam-Webster as an accumulation of data that is too large and complex for processing by traditional database management tools 31

32 Data Mining - Basics Big data associated terms; Volume amount of data Velocity speed of information generated and flowing into an entity Variety types and sources of data available Veracity/Value is the data useful for the purpose intended and what are the potential pitfalls of the data that might impact its usefulness Volatility how long is the data valid for, where and in what form should it be stored. When does it become obsolete for its intended use 32

33 Data Mining - Basics Forms of data; Structured data generally found in a data base, consists of a form that is usable and its form is predictable. Common example would be data in your financial accounting program such as utility billing, accounts payable, check registers, general ledger Unstructured data not found in traditional data bases. Examples include vendor invoices, s, social media, internet 33

34 Data Mining - Basics Data analysis software; IDEA ACL ActiveData for Excel AutoAudit SNAP Reporter 34

35 Data Mining Reasons for Using Due to the volume of data. Manually reviewing all documents is inefficient and time consuming Data mining allows for the examination of millions of records quickly, easily, and efficiently Data extraction and analysis software assists by highlighting individual transactions that have characteristics identified by the user as an anomaly Data analytics software allows the user the ability to analyze data from previous years, compare data from different locations, and perform continuous monitoring 35

36 Data Mining Challanges Poorly defined scope Problems in obtaining data Manually maintained data False positives Failing to ensure data integrity Misinterpretation of results Improper data extraction Software costs Internal resources Buy in 36

37 Data Mining Process Data analysis involves running targeted tests on data to identify anomalies, the process includes four phases: 1. Planning 2. Preparation 3. Testing and interpretation 4. Post-analysis 37

38 Data Mining Process Planning Phase: 1. Understand/Identify the data to be mined/analyzed 2. Develop procedures and objectives 3. Evaluate the related process and identify risk 4. Develop the criteria for exceptions 38

39 Data Mining Process Preparation Phase: 1. Identify the relevant data. Data bases have many fields determine which ones will be required to properly perform the analysis 2. Obtain the data 3. Verify the data completeness and competence 4. Cleanse and normalize obtain uniformity for ease of analysis 39

40 Data Mining Process Testing and Interpretation: 1. Perform various data analysis techniques and identify anomalies 2. Investigate anomalies and determine; false positives, exceptions, errors, etc. 3. Report summarize results as necessary 40

41 Data Mining Process Post-analysis: 1. Respond to findings 2. Identification of improvements 3. Implementation of improvements 4. Review process for improvements 41

42 Data Mining Basic Techniques There are a number of basic tests that can be used on data to detect anomalies in a data base. The use of a particular technique can vary depending on the identified potential anomaly identified in the planning phase. Often to perform a proper analysis a combination of techniques are utilized. 42

43 Data Mining Basic Techniques Applying filters Gap detection Duplicate identification Data sorting Joining and matching Round dollar amounts Identification of amounts below a threshold Identification of unusual times and dates 43

44 Data Mining Basic Techniques Applying Filters A filter identifies only those records meeting userdefined criteria. After obtaining an overview of the data, the user can drill down into the details by specifying criteria to isolate certain records for review. The use of display criteria can focus attention on transactions outside of the ordinary and reduce review (and processing) time. The criteria can be used singly or in combination. 44

45 Data Mining Basic Techniques GAP Detection Search for missing items in a series or sequence of consecutive numbers. Completeness of the data is important in data analysis, it can also be an indicator of anomalies in data base. When searching a data base, identifying what is not there can often be as important as identifying what is there. Users should look for expected items to ensure they exist and investigate further if there is missing data. Some examples of data sets where this tool is useful include check numbers, purchase order numbers, and inventory tags. 45

46 Data Mining Basic Techniques Duplicate Identification Looking for unexpected duplicates in a data set is another way to uncover red flags. This technique can quickly review the file, or several files joined together, to highlight duplicate values of key fields. In many systems, the key fields should contain only unique values (no duplicate records). Although not necessarily proof of an issue, the presence of duplicate check numbers, direct deposit numbers, invoices, vendor names, and other data often merits further analysis. 46

47 Data Mining Basic Techniques Duplicate Identification (cont.) Duplicate transactions are not necessarily indications of problems with data completeness. There may be a valid reason for the duplicate records. Determining if a duplicate is an issue requires a sound understanding of the data is necessary before drawing conclusions. Ex. - two different payments coded to the same invoice number is a red flag that perhaps one invoice was paid twice. However, a reasonable explanation for this finding would be that the invoice was paid in two partial payments. 47

48 Data Mining Basic Techniques Data Sorting Sorting arranges the data in a file in ascending or descending order based on one or more specified key fields. Commands can arrange information on any number of key fields quickly and easily. However, unusual transactions can be found simply by sorting on a field, such as the date or account number. 48

49 Data Mining Basic Techniques Data Sorting Often, irregularities in the records are identified at the beginning or end of a sorted file. For example an inventory listing by acquisition date, might reveal obsolete inventory. Other irregularities to look for include: Values outside of the normal range for the field Character data in numeric fields (or vice versa) Records with blank field values Payee or vendor names starting with blanks or unusual characters 49

50 Data Mining Basic Techniques Joining and Matching Combining two to different data bases into one file can potentially identify anomalies which would require further analysis. Once the two files are combined the user must define a relationship, and compare and contrast the data. 50

51 Data Mining Basic Techniques Round Dollar Amounts Intentional errors often occur in round-dollar amounts. Often these amounts occur for the same amount and on a regular basis. Searching for these types of transactions can potentially uncover fraud 51

52 Data Mining Basic Techniques Amounts Below Thresholds Most governments have policies that disbursement amounts above a certain threshold require special consideration. For example, checks greater than $1,000 might require two signatures, or invoices greater than $15,000 might require three phone quotes Employees are aware of these thresholds and may try to circumvent them by keeping activities below these thresholds. 52

53 Data Mining Basic Techniques Unusual Dates and Times Most governments have normal working hours. Often fraud or errors can occur or corrections made during off hours. In considering off hours/days also consider breaks, early and late work day times. If an organization allows remote access consider evaluating what type of activity is occurring through that process as well. 53

54 RED FLAGS AND DATA MINING

55 Data Mining Billing Red Flags Red Flag Incomplete vendor information Vendor address not a business address Duplicate Payments Invoice payment unusually quick Excessive purchases of a particular item Technique Data Sorting Joining and matching Duplicate identification Applying filters 55

56 Data Mining Check Tampering Red Flags Red Flag Out-of-range checks Non-payroll checks to employees Round dollar amount Excessive void checks Excessive manual checks Technique Data Sorting Joining and matching Gap detection Applying filters Round dollar amounts 56

57 Data Mining Payroll Red Flags Red Flag Multiple employees using same bank accounts Payroll checks paid to employees not in employee master file Pay rate variance between payroll register and employee file Unsupported adjustments to gross or net pay Multiple payments to employee in one pay period Technique Data Sorting Joining and matching Applying filters Round dollar amounts 57

58 Data Mining Procurement Red Flags Red Flag Sequential purchase orders or invoices under competitive bidding limits Excessive change orders by vendor Vendor payments just under approval limits Payments to vendors not on approved vendor list Vendor payments posted to incorrect expenditure/expense account Technique Data Sorting Joining and matching Applying filters Identification of amounts below threshold Identification of unusual times and dates 58

59 SINGLE AUDIT UPDATE UNIFORM GUIDANCE OVERVIEW

60 Single Audit Update Overview of Uniform Guidance (UG) UG - Single Audit Changes UG - Impact on Auditee and Auditor UG - Focus on Internal Controls FL Single Audit and AG Findings FEMA 60

61 UG Components Subpart A Acronyms and Definitions Subpart B General Provisions Subpart C Pre-Award Federal Requirements and Contents of Federal Awards Subpart D Post Federal Award Requirements Subpart E Cost Principles Subpart F Audit Requirements 61

62 UG Appendices Appendix I - Full Text of Notice of Funding Opportunity Appendix II - Contract Provisions for Non-Federal Entity Contracts under Federal Awards Appendix III - Indirect Cost Procedures Educational Institutions (IHEs) Appendix IV - Cost Identification and Assignment, and Rate Determination for NFPs Appendix V - S&LG, Indian Tribes - Wide Central Service Cost Allocation Plans 62

63 UG Appendices (Cont.) Appendix VI - Public Assistance Cost Allocation Plans Appendix VII - S&LG and Indian Tribe Indirect Cost Proposals Appendix VIII - NFPs Exempted from Subpart E - Cost Principles Appendix IX - Hospital Cost Principles Appendix X - Data Collection Form Appendix XI - Compliance Supplement 63

64 Regulatory Changes - Part D Post Award Awarded entity responsible for implementing and maintaining effective internal control (utilizing Green Book model) ( (a)) Awarded entity to comply, evaluate, monitor and take prompt corrective action related to compliance with federal statutes, regulations, and grant agreements ( (b), (c), (d)) Awarded entity to take reasonable measures to safeguard PPI ( (e)) 64

65 UG IMPACT ON SINGLE AUDITS

66 Basic Structure of Single Audit Process Unchanged Audit threshold ( ) Subrecipient vs. Contractor ( (f) & ) Biennial ( ) & Program-specific ( ) audits Non-federal entity selects auditor ( ) Auditee prepares financial statements & SEFA ( ) Audit follow-up & corrective action ( & ) 9 month due date (set in law) ( (a)) Reporting to Federal Audit Clearinghouse ( ) Major programs determined based on risk ( ) Compliance Supplement overall format 66

67 Single Audit Changes Increase audit threshold from $500,000 to $750,000 Expected to reduce burden on 5,000 non-federal entities Maintains coverage of more than 99% of federal grant funds currently covered 67

68 Single Audit Changes (Cont.) Increase minimum threshold for Type A programs from $300,000 to $750,000 Utilize table format for ease of comprehension Federal Awards Expended $750,000 less than equal to $25 million $750,000 Type A/B Threshold Exceed $25 million less than equal to $100 million Amt. of Federal Awards times.03 Exceed $100 million less than equal to $1 billion $3 million Exceed $1 billion less than equal to $10 billion Amt. of Federal Awards times.003 Exceed $10 billion less than equal to $20 billion $30 million Exceed $20 billion Amt. of Federal Awards times

69 Single Audit Changes (Cont.) Audit Coverage Rule If auditee meets criteria in (low risk), all major programs in aggregate must cover at least 20% of federal awards. Reduced from 25%. If auditee does not meet criteria in (low risk), all major programs in aggregate must cover at least 40% of federal awards. Reduced from 50%. Focus continues to be on highest risk programs 69

70 Single Audit Changes (Cont.) As in UG, auditee will qualify as low risk only for each of the preceding two audit periods: Single audits were performed on an annual basis and DCF and reporting package were submitted timely ( ) Opinions on F/S and SEFA were unmodified No material weaknesses in internal control under GAGAS No audit findings for Type A programs that either were material weaknesses in internal control, resulted in modified opinion on a major program, or had known or likely questioned costs that exceeded 5% of program expenditures 70

71 Single Audit Changes (Cont.) Auditor Type B Program Analysis Identify Type B programs which are high risk using professional judgment and criteria in Expected to perform risk assessment of Type B programs that exceed 25% of the Type A threshold (previously stepped approach) (ex., $750k *.25 = $187,500) Continues to encourage utilization of an assessment of risk that would result in different Type B programs to be audited over a period of time 71

72 Single Audit Changes (Cont.) Findings and Questioned Costs Must report known or questioned costs that are greater than $25,000 (increase from $10,000) Continued emphasis on findings, including detail with specifics to allow auditee to prepare the appropriate corrective action plan Continued emphasis on identification of prior findings, including updates and details as to why finding is not corrected, if applicable 72

73 Changes to Major Program Determination As in UG, Type A programs will be designated as low risk only if: In the most recent period, the program received an unmodified opinion; No material weakness in internal controls were reported; and There were no questioned costs exceeding 5% of program expenditures The program must have been audited as major in at least one of the two most recent audit periods 73

74 Changes to Major Program Determination (Cont.) Reduce the number of Type B programs that must be tested as major from at least one-half (1/2) to at least one-fourth (1/4) of the number of low-risk Type A programs identified Continues to allow the auditor to stop the risk assessment process at this point 74

75 Designation of Agency Officials Single Audit Accountable Official - Official responsible for ensuring the agency is in compliance with all audit requirements and improving effectiveness of agency s use of single audits Single Audit Liaison - Official serving as agency s point of contact for the single audit process. Appointed by the Single Audit Accountable Official 75

76 UG AUDITEE AND AUDITOR IMPACT

77 Auditee and Auditor Impact Important aspects of UG that impact auditees and the Single Audit process related to federal awards: UG - not just an auditor responsibility Financial Management System Procurement Cost Principles - Personal and Indirect Costs Subrecipients and related monitoring Internal Controls 77

78 Grant Process Narrative Internal Controls over Grants - General In addition to controls over compliance for major programs, auditees should maintain a narrative of internal controls for overall grant management Grant process narrative should include the following: o Key Personnel o IT Systems o Major Classes of Transactions o Information/Work Flow o Risks Inherent in the Process o Key Grant Controls 78

79 Scope of Audit under Uniform Guidance Pursuant to Section General Must be conducted in accordance with GAGAS Must cover entire operations of the auditee Must encompass financial statements and SEFA F/S and SEFA must be for the same period 79

80 Scope of Audit under Uniform Guidance (Cont.) Financial Statements Must determine if F/S are presented fairly in accordance with GAAP Must determine if SEFA is stated fairly in relation to the F/S as a whole 80

81 Scope of Audit under Uniform Guidance (Cont.) Internal Controls (in addition to GAGAS) Auditor must obtain understanding of internal control over federal programs to support a low assessed level of control risk of noncompliance for major programs If controls are effective, auditor must plan the testing of internal control over compliance for major programs to support a low assessed level of control risk for the assertions relevant to the compliance requirements for each major program 81

82 Scope of Audit under Uniform Guidance (Cont.) Internal Controls (in addition to GAGAS) Auditor must perform testing of internal control as planned If internal control likely to be ineffective, the Auditor must report a significant deficiency or material weakness, assess the control risk at maximum, and consider whether additional compliance tests are required 82

83 Scope of Audit under Uniform Guidance (Cont.) Compliance (in addition to GAGAS) Auditor must determine whether the auditee has complied with federal statutes, regulations, and the terms and conditions of federal awards that may have a direct and material effect on each of its major programs Auditor must determine the current compliance requirements and modify audit procedures accordingly 83

84 Scope of Audit under Uniform Guidance (Cont.) Compliance (in addition to GAGAS) For federal programs not included in the Compliance Supplement, the Auditor must follow the Compliance Supplement s guidance for programs not included in the supplement Compliance testing must include tests of transactions and such other auditing procedures necessary to provide the Auditor sufficient audit evidence to support an opinion on compliance 84

85 Scope of Audit under Uniform Guidance (Cont.) Audit follow-up Auditor must follow-up on prior audit findings, perform procedures to assess the reasonableness of the summary schedule of prior audit findings, and report, as a current year audit finding, if the auditee materially mispresented the status of the prior audit finding Auditor must perform follow-up procedures regardless of whether a prior audit finding relates to a major program in the current year 85

86 Scope of Audit under Uniform Guidance (Cont.) Data Collection Form Auditor must complete and sign specified sections of the Data Collection Form 86

87 Scope of Audit under Uniform Guidance (Cont.) Audit Documentation - General SEFA (reconciled to G/L, accounting records) Determination of major programs o Including low-risk Type A assessments and high-risk Type B assessments 2017 Compliance Supplement, including matrix Audit programs and SEFA disclosure checklist Grant Process Narrative Sampling documentation 87

88 Scope of Audit under Uniform Guidance (Cont.) Audit Documentation - Each Major Program All grant agreements with expenditures Compliance Supplement specific to the program Auditee worksheet to identify applicable grant requirements and responsible personnel Populations for sample selection that reconcile to SEFA 88

89 Scope of Audit under Uniform Guidance (Cont.) Audit Documentation - Each Major Program Risk assessment for compliance requirements Understanding of internal control over compliance, including identification of key internal controls for each direct and material compliance requirement Testing procedures that incorporate previously identified key internal controls for each direct and material compliance requirement 89

90 UG - INTERNAL CONTROLS

91 UG Definitions - Internal Controls Section Internal controls (IC) means a process, implemented by a non-federal entity, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: (a) Effectiveness and efficiency of operations (b) Reliability of reporting for internal and external use (c) Compliance with applicable laws and regulations 91

92 UG Definitions - Internal Controls (Cont.) Section IC over compliance requirements for federal awards means a process implemented by a nonfederal entity designed to provide reasonable assurance that transactions are properly reported and accounted for in order to: Properly prepare financial statements and federal reports Maintain accountability over assets Demonstrate compliance with applicable statutes, regulations, and award terms and conditions Ensure funds, property, and other assets are safeguarded against loss from unauthorized use or disposition 92

93 Part D Post Award - Internal Controls Section The non-federal entity must: establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should (best practice) be in compliance with guidance in Standards for Internal Control in the Federal Government issued by the Comptroller General of the United States or the Internal Control Integrated Framework issued by COSO. 93

94 Impact - Internal Controls General notes about Internal Controls: Provide reasonable assurance that objectives are met Procedures must be documented Manuals Written Procedures Management is responsible for Developing Documenting Implementing Monitoring 94

95 Standards: COSO vs. Green Book Component COSO Green Book Control Environment Risk Assessment Control Activities Information & Communication Monitoring 5 Principles 20 Points of Focus 4 Principles 27 Points of Focus 3 Principles 16 Points of Focus 3 Principles 14 Points of Focus 2 Principles 10 Points of Focus 5 Principles 13 Attributes 4 Principles 10 Attributes 3 Principles 11 Attributes 3 Principles 7 Attributes 2 Principles 6 Attributes Note: GAO combined COSO s points of focus into attributes 95

96 Example - Activities Allowed or Unallowed; Allowable Costs/Cost Principles Component Control Activities Control Environment Management sets reasonable budgets, enforces appropriate penalties for misuse of funds, and provides personnel approving expenditures with cost principles for allowable and unallowable expenditures. 96

97 Example - Activities Allowed or Unallowed; Allowable Costs/Cost Principles (Cont.) Component Control Activities Risk Assessment Key manager has a sufficient understanding of staff, processes, and controls to identify where unallowable activities or costs could be charged to a federal program and not be detected. Key manager reviews staffing and processes on a regular basis. 97

98 Example - Activities Allowed or Unallowed; Allowable Costs/Cost Principles (Cont.) Component Control Activities Control Activities Accountability provided for charges and costs between federal and non-federal activities. Process in place for timely updating of procedures for changes in activities allowed and cost principles. Computations checked for accuracy. Supporting documentation compared to OMB A-87 of allowable and unallowable expenditures. Adjustments to unallowable costs made, where appropriate, and follow-up action taken to determine the cause. Adequate segregation of duties in review and authorization of costs. Accountability for authorization-by program or department-is fixed in an individual who is knowledgeable of the requirements for determining activities allowed and allowable costs. 98

99 Example - Activities Allowed or Unallowed; Allowable Costs/Cost Principles (Cont.) Component Information and Communication Control Activities Reports, such as a comparison of budget to actual, provided to appropriate management for review on a timely basis. Establishment of internal and external communication channels on activities and costs allowed, and follow grant budget. Training programs, both formal and informal, provide knowledge and skills necessary to determine activities and costs allowed. Interaction between management and staff regarding questionable costs. Grant agreements (including referenced program laws, regulations, handbooks, etc.) and cost principles circulars available to staff responsible for determining activities allowed and allowable costs under federal awards. 99

100 Example - Activities Allowed or Unallowed; Allowable Costs/Cost Principles (Cont.) Component Control Activities Monitoring Management reviews supporting documentation of allowable cost information. Flow of information from federal agency to appropriate management personnel. Comparisons made with budget and expectations of allowable costs. Analytic reviews (e.g., comparison of budget to actual or prior year to current year) and audits performed. 100

101 FLORIDA SINGLE AUDIT UPDATE AND AG FINDINGS

102 Florida Single Audit Update Chapter Local Government Chapter For Profit and NFP Chapter District School Boards Chapter Charter Schools Link to website

103 Florida Single Audit Update (Cont.) Increase threshold from $500,000 to $750,000 in line with UG Increased reporting of questioned costs from $10,000 to $25,000 in line with UG For NFP and For Profit applicable for FY ended July 1, 2016 and thereafter Local Governments for FY ended September 30, 2016 and thereafter 103

104 Florida AG Findings Obtained from Report No Issued March 2017 State of Florida - Single Audit Report (SFQC) Selected findings that could be found in local entity reports Provided for information and consideration purposes 104

105 Florida AG Findings Procedures were not adequate to ensure that subrecipient audit reports were obtained and reviewed for all subrecipients and subrecipient deficiencies were timely followed up on. Data reported on quarterly Federal Financial Reports (FFRs) was not always accurate, complete, or adequately supported. Federal matching requirements not met and amounts were incorrectly reported. 105

106 Florida AG Findings Prior to awarding contracts, grantee did not always obtain conflict-of-interest forms from employees taking part in contract procurement activities. Grantee did not maintain appropriate records to support the salary and benefit costs for employees paid solely from program. Grantee did not always limit federal funds draws to amounts needed for immediate cash needs. 106

107 HHS/FEMA GRANT

108 FEMA GRANT General Information Funds received following a Presidential declaration of a major disaster Assistance provided for debris removal, emergency protective measures, and the restoration of disasterdamaged, publically owned facilities The state generally acts as grantee for the program and is responsible for providing technical advice and assistance to the local governments 108

109 FEMA GRANT General Information (Cont.) Program awards are based upon a Project Worksheet (PW) PWs are prepared by a project formulation team, which generally consists of representatives from FEMA, the state and local government The PW documents the project formulation team s determination of the eligible scope of work and cost estimate Each PW has a control number and supplemental PWs will reference the original PW 109

110 FEMA GRANT General Information (Cont.) Accelerated debris removal - to incentivize, FEMA offers a sliding scale for cost-sharing of debris removal The scale is 85% cost share for 1-30 days, 80% for days and 75% for days Unless FEMA authorizes an extension, no federal dollars will be provided for debris removal after 180 days 110

111 FEMA GRANT General Information (Cont.) Record expenditures on the SEFA when: 1. FEMA has approved the non-federal entity s PW, and 2. The non-federal entity has incurred the eligible expenditures. Federal awards expended in years subsequent to the fiscal year in which the PW is approved are to be recorded on the non-federal entity s SEFA in those subsequent years. 111

112 FEMA GRANT General Information (Cont.) Example: 1. FEMA approves the PW in fiscal year 2017 and eligible expenditures are incurred in the non-federal entity s fiscal year 2018; record the eligible expenditures in its fiscal year 2018 SEFA. 2. Eligible expenditures incurred in fiscal year 2017 and FEMA approves the PW in fiscal year 2018; record the eligible expenditures in fiscal year 2018 SEFA with a footnote that discloses the amount included on the SEFA that was incurred in a prior year. 112

113 Questions or Comments