federal agencies must implement policies and procedures by promulgating regulations to be effective...

Single Audit Changes Take The Stage

Federal agencies must implement policies and procedures by promulgating regulations to be effective December 26, 2014◦ Accomplished with issuance of recent Joint Interim Final Rule

Non-federal entities will need to implement the new administrative requirements and cost principles for all new Federal awards made after December 26, 2014, and to additional funding to existing awards (referred to as funding increments) made after that date◦ Non-federal entities wishing to implement entity-wide system changes to

comply with the guidance after December 26, 2014, will not be penalized for doing so

Audit requirements effective for fiscal years beginning on or after December 26, 2014◦ Not permitted to early implement any of the audit provisions

Effective Dates

2

March 31, 2015, June 30, 2015, and September 30, 2015 year-ends◦ Non-federal entities will have to adopt new administrative

requirements and cost principles relating to all new federal awards and to funding increments to existing awards

◦ Single audit requirements continue to use “old” regulation ◦ Auditor compliance testing will be affected by client adoption of

“new” requirements (i.e., will likely have to test some awards subject to the “old” requirements and some the “new” requirements)

December 31, 2015, year-ends and beyond◦ New single audit requirements apply◦ Auditors may have to test some awards subject to the “old”

requirements and some the “new” requirements for several years

Effective Dates - interpreted

3

COFAR FAQ .110-11◦ Subrecipients & Subawards

Effective date for subawards is the same as the effective date of the Federal award from which the subaward is made.

The requirements for a subaward, no matter when made, flow from the requirements of the original Federal award from the Federal awarding agency.

Effective Dates – Pass-Through Awards

4

Why are we seeing modifications to 8 different Circulars?◦ Executive Order 13520 “Reducing Improper

Payments”

◦ Presidential Memorandum “Administrative Flexibility, Lower Costs, & Better Results for State, Local , & Tribal Governments”

◦ Goal is to increase efficiency and effectiveness of the grant process and better focus the Single Audit to reduce fraud, waste, and abuse

Why the Changes?

5

Audits of Federal Awards

(OMB Circular A-133)

6

Effective date to be challenging for compliance testing◦ Likely to take several years for “old” funding to

run out◦ Challenges related to funds received by

subrecipients from pass-through entities (PTE) 2015 Compliance Supplement will be key Federal agency implementation actions in

the Joint Interim Final Rule need to be understood

Transition Old to New

7

2015 Supplement will be used for audits performed under Circular A-133 and the Uniform Guidance

Federal workgroups working to develop new and updated guidance

There will be two Part 3 sections in 2015◦ One for testing awards subject to UG administrative

and cost principle requirements◦ One for testing awards subject to “old” rules◦ Transitional information will be included

Parts 4 and 5 may be affected as well

Transition Old to New

8

Summary of changes from the current requirements◦ Increases audit threshold from $500,000 to

$750,000◦ Type A/B threshold – minimum increases from

$300,000 to $750,000◦ Loan/loan guarantee treatment in major program

determination◦ High-risk Type A program criteria ◦ High-risk Type B program criteria◦ Percentage of coverage from 50/25% to 40/20%◦ Low-risk auditee criteria◦ Schedule of expenditures of federal awards changes◦ Audit findings (threshold from $10,000 to $25,000)

Circular A-133 Today and the Future

9

10

High-Risk Type A ProgramCurrent A-133 criteria: Not audited as major program in 1

of 2 most recent audit periods In most recent period had Any

Audit Finding◦ Provided for auditor judgment

in limited cases, e.g., very small questioned costs

Auditor considered risk related to:◦ Federal or PTE oversight◦ Inherent risk◦ Results of audit follow-up◦ Changes in personnel or

systems

Uniform Guidance: SAME “two year look-back” In most recent period had a High

Risk Audit Finding identified as: Modified opinion Material weakness in internal

control Known or likely questioned costs

exceeding 5% of total program expenditures

Auditor only considers risk related to: Federal or PTE oversight Results of audit follow-up Changes in personnel or systems.

Key – An entity with strong internal controls and few audit findings will have fewer high-risk Type A programs

11

High-Risk Type B ProgramCurrent A-133

criteria: Currently there are two Type B

risk assessment options:◦ Option 1 – Perform risk

assessments on all Type B programs and select at least 50% of Type B programs identified as high risk up to number of low-risk Type A programs

◦ Option 2 – Perform risk assessments on all Type B programs until as many high-risk Type B programs have been identified as there are low-risk

Type A programs.

Uniform Guidance: Perform risk assessments on Type

B programs until high-risk Type B programs have been identified up to at least 1/4th of number of low-risk Type A programs

Type B program de minimis consideration (new criteria is 25% of Type A threshold)

12

Current A-133 criteria (2 prior years)

Annual single audits Unmodified opinion on financial

statements in accordance with GAAP Unmodified SEFA in-relation-to opinion No GAGAS material weaknesses In either of preceding two years, none

of Type A programs had:◦ Material Weakness◦ Material noncompliance◦ QC that exceed 5%

Timely filing with FAC Auditor reporting of going concern

would not preclude low-risk Waivers

Low-Risk Auditee Uniform Guidance (2 prior years)

Annual single audits Unmodified opinion on financial

statements in accordance with GAAP or basis of accounting required by state law **

Unmodified SEFA in-relation-to opinion

No GAGAS material weaknesses In either of preceding two years,

none of Type A programs had:◦ Material Weakness◦ Material noncompliance◦ QC that exceed 5%

Timely filing with FAC ** No auditor reporting of going concern No waivers

13

Low-Risk Auditee If state law permits but does not require an

auditee to prepare financial statements in accordance with a basis that is not GAAP (e.g., cash, regulatory), auditee cannot be considered low-risk auditee

If the non-GAAP basis of accounting is required by state law, auditee can be considered low-risk auditee

If auditee voluntarily prepares financial statements on a non-GAAP basis of accounting (e.g., cash or modified cash), auditee cannot be considered low-risk auditee

Coverage Rule - Old High Risk = 50% of Total Federal Awards Expended

Low Risk = 25% of Total Federal Awards Expended

Coverage Rule - New High Risk = 40% of Total Federal Awards Expended

Low Risk = 20% of Total Federal Awards Expended

◦ Scenario A high risk entity which has $1,000,000 in federal

expenditures would require a minimum coverage amount of what

Percentage of Coverage Rule

14

The City of Notmanygrants received an unmodified opinion on their last audit of federal awards for FY 2014. The City did receive a finding related to a lack of segregation of duties to cash collections (F.S. finding); classified as a significant deficiency by the predecessor auditor. During fiscal year 2016 the city was a recipient of $500 thousand of CDBG (CFDA # 14.218) of which the city had spent $350 thousand during the fiscal year. The City also was reimbursed $500 thousand related to Disaster Grants – Public Assistance (CFDA # 97.036).

The City also prepares their financial statements in accordance with generally accepted accounting practices.

Case Study High/Low Risk Auditee

15

You have been awarded the audit during Fiscal Year 2016; based on the information provide would you classify the City as a low or high risk entity?


16

Wantalotta Grants County has received a Single Audit in the prior three years with all years receiving unmodified opinions. A material weakness was reported in Fiscal Year 2013 regarding financial reporting but they have not had any material weakness or material noncompliance findings in regards to their Type A programs since Fiscal Year 2013.

The County has requested the reports and auditors opinions be issued by 2/28/2017 for the fiscal year-end June 30, 2016. As part of planning purposes you’ve reviewed the prior three audit report dates and filings with the federal clearing house and noted that two of three years have been completed and filed by January 15th and the prior year was completed by April 15th. The Counties preliminary SEFA reports $2.5 million in federal expenditures.


17

Based on the information provide would you classify this entity as a low or high risk entity?


18

Town of ImaTiredofCaseStudies has received a Single Audit in the prior three years with all years receiving unmodified opinions. They also have not received any findings reported as a material weakness and no reporting of any going concern.

The Town has a fiscal year end of June 30, and has filed with the Federal Audit Clearinghouse on time in each of the last 3 years.

.


19


Based on your assessment calculate the number of programs required to meet the coverage rules in the following slide.


20

Federal awards expended: Type A/B High/Low

Program 1 $1,200,000 HProgram 2 $1,000,000 HProgram 3 $2,000,000 LProgram 4 $ 800,000 LProgram 5 $ 600,000 HProgram 6 $ 450,000 LProgram 7 $ 250,000 HProgram 8 $ 150,000 H

Total $6,450,000

Coverage calculation

21

What if we had changed the previous case study to say the following:

Town of ImaTiredofCaseStudies has received a Single Audit in the prior three years with all years receiving unmodified opinions. They also have not received any findings reported as material weaknesses. However, they are in extreme financial distress and received a paragraph in their audit report expressing a going concern.

The Town has a fiscal year end of June 30, and has filed with the Federal Audit Clearinghouse on time in each of the last 3 years.


22


Based on your assessment calculate the number of programs required to meet the coverage rules in the following slide.


23

Federal awards expended: Type A/B High/Low

Program 1 $1,200,000 HProgram 2 $1,000,000 HProgram 3 $2,000,000 LProgram 4 $ 800,000 LProgram 5 $ 600,000 HProgram 6 $ 450,000 LProgram 7 $ 250,000 HProgram 8 $ 150,000 H

Total $6,450,000

Coverage calculation

24

25

SEFA Considerations (200.510(b)) Provide cluster of programs total Total amount provided to subrecipients

from each federal program For loans and loan guarantees, identify in

the notes to the SEFA loan balances outstanding at the end of the audit period

Include in the notes to the SEFA whether or not non-federal entity elected to use the 10% de minimis cost rate

Loans◦ Current – “…inclusion of large loan and loan guarantees

(loans)should not result in the exclusion of other programs as Type A programs…”

◦ New – “…Federal program providing loans exceeds four times the largest non-loan program it is considered large, and the auditor shall consider this Federal program as a Type A program and exclude its values in determining other Type A programs…”

Was a safe harbor inclusion in the compliance supplement

MAJOR PROGRAM DETERMINATION - Loan Consideration

26

Initial thought was to reduce the # of requirements and streamlining the remaining

Current proposal:◦ No Changes◦ Any changes would need additional further public

outreach before making changes to the Compliance Supplement

◦ AICPA doesn’t expect changes until 2015 C.S.

Compliance Requirements

27

Current Questioned Costs: Auditor shall report known/likely questioned costs

greater then $10,000

Proposed Questioned Costs:◦ Auditor shall report known/likely questioned costs

greater than $25,000

Why the change in reporting threshold?

Audit Findings

28

New language related to the specific information to include in audit findings:◦ Federal Award Identification

CFDA Title & Name Award Identification number & Year Federal Agency & Pass-through entity

◦ Criteria ◦ Condition◦ Statement of cause ◦ Statement of the effect or potential effect ◦ Known QC must include the CFDA #(s) and the award number(s) ◦ Perspective section (isolated, prevalent, type of sampling used)◦ Identify if the finding is a repeat finding (and the prior year audit finding

#)◦ Recommendation◦ Views of Responsible Officials

Audit Findings

29

Change to responsibilities for cognizant agency:◦ To advise independent auditors of noteworthy or

factual trends related to the quality of audits (based on quality control reviews)

◦ Significant problems/quality issues identified shall be referred to the state licensing agency & professional body

◦ Cognizant agency = Awarding agency, Management decisions will be sent the Clearinghouse & made available electronically.

Federal Agency Responsibilities

30

Follow-up to audit findings◦ Issue Mgmt Decision & submit to the Audit

Clearinghouse

◦ Monitor corrective action (timely/appropriate)

◦ Develop a mechanism to evaluate effectiveness of the audit follow-up process

◦ Provide Compliance Supplement Updates Remember fraud, waste, & abuse


31

Single Audit Accountability official◦ Reported by each awarding agency to OMB

◦ Point of contact for single audit (federal & non-federal)

◦ Promote interagency coordination, consistency, & sharing of information

◦ Oversee training of agency personnel involved in the S.A process

◦ Ensure timely & appropriate follow-up & Corrective Action to findings


32

Part 6 - Internal Control◦Updates needed for new COSO internal

control guidance◦Auditees (and auditors) consider looking to

updated COSO or Government Accountability Office Green Book

◦Expect part to be updated in future supplements

Internal Controls

33

34

Internal Controls

Topic•Strong Emphasis on Internal Controls•Mentioned 103 times in the 12/26/2013 Federal Register notice

Uniform Guidance Synopsis

•References “Standards for Internal Controls in the Federal Government”, issued by the Comptroller General (also known as the “Green Book”) and “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)

What Does This Mean?

•While OMB has clarified in an FAQ that there is no expectation that we have to explicitly follow these referenced guidelines (as long as we have effective internal controls in place), it is unclear what the audit community will expect.

The non-Federal entity must:◦ (a) Establish and maintain effective internal control over the

Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

COFAR FAQ 303-1, 2, and 3 clarifies that should indicates a “best practice” and is not a presumptively mandatory requirement.

Internal Controls

35

Control Environment

Risk Assessment

Control Activities

Information & Communication

Monitoring Activities

Update principles of effective internal control

1.Demonstrates commitment to integrity and ethical values2.Exercises oversight responsibility3.Establishes structure, authority and responsibility4.Demonstrates commitment to competence5.Enforces accountability

6.Specifies suitable objectives7.Identifies and analyzes risk8.Assesses fraud risk9.Identifies and analyzes significant change

10.Selects and develops control activities11. Selects and develops general controls over technology12.Deploys through policies and procedures

13.Uses relevant information14.Communicates internally15.Communicates externally

16.Conducts ongoing and/or separate evaluations17.Evaluates and communicates deficiencies

36

Guidance on subrecipient versus contractor determination expanded and relocated to administrative requirements◦ Criteria for determination basically unchanged

New requirements for PTEs with regard to monitoring activities◦ UG contains much more detailed than guidance previously

contained in Compliance Supplement◦ PTEs required to perform a risk assessment of subrecipient

Subrecipient(s)

37

Under the Super Circular – Agreements are required to include 15 specific data elements, including (§ 200.331) :◦ Subrecipient name (which must match registered

name in DUNS)◦ Federal award identification number (FAIN)◦ Federal award date (see § 200.39, “Federal award

date”)◦ CFDA number/name◦ Amount of Federal funds obligated

(Continued)

Subrecipient (pass through agreement)

38

◦ Project description◦ General & Specific Terms/Conditions◦ Identification of whether the award is for R&D◦ Access to records◦ Indirect cost rate for the Federal award (including

if the de minimis rate is charged per § 200.414, “Indirect (F&A) costs”)

Subrecipient (pass through agreement)

39

Pass-through entities are required to do the following:◦ Perform risk assessments to determine appropriate

subrecipient monitoring.◦ Perform appropriate and ongoing monitoring of each

subrecipient. On-site reviews, training, technical assistance, and contracting for an agreed-upon procedure engagement for monitoring are all examples of various monitoring efforts organizations may employ.

◦ Review reports that the pass-through entities require of the subrecipient

◦ Verify subrecipients have audits, as needed◦ Consider how to address subrecipient noncompliance◦ Issue a management decision for audit findings of the

subrecipient within six months

Subrecipient Monitoring

40

Discussion of reducing audit deadline from 9 months to 6 or 3 months after year-end.◦ Will this occur?

Publication of Single Audit Reports online with safeguards for protected personally identifiable information (Audit Clearinghouse)◦ Auditees & Auditors must ensure PPI is not

included◦ Exception for Indian Tribes

Additional Items of Interest

41

COST PRINCIPLES

42

Affects Circulars:◦ A-21 – Educational Institutions◦ A-87 – State, Local & Indian Tribal Governments◦ A-122 – Non-Profit Organizations ◦ 45 CFR Part 75 – Hospitals

• Consolidate Cost Circulars into one Streamlined document. Aimed at eliminating confusion for entities (including

Federal agencies). Benefit auditors whom audit multiple types of grant

recipient entities.

Reforms to Cost Principles

43

Changes/Initiatives:◦Indirect Cost Rates

Option of requesting extension of negotiated rate for a four (4) year period.

Can you request a rate review once the extension has been granted?

Can the Federal agency opt out or force renegotiation of the rate?

Indirect Cost Rate

44

Entities that never received or do not have a negotiated IDCR?

◦ Opt to use a minimum flat rate of 10% of modified total direct cost (MTDC)

◦ MTDC = Salaries/wages, benefits, supplies, travel, sub-grants, subcontracts.

Indirect Cost Rate

45

Pass-Through Entities must honor as the IDCR:

◦ IDCR negotiated between the subrecipient and the Federal government

◦ A negotiated rate between the pass-through & subrecepient (using federal guidelines)

◦ Or the de minimis IDCR (10%)

Allowing costs for efforts to collect improper payment recoveries (remember fraud, waste and abuse)

Indirect Cost Rate

46

Added to encourage recipient entities to assist in recovery

◦ Cost may be Direct or Indirect

◦ If recovered amounts exceed cost must be treated in accordance with cash management standards.

Cost of Improper Payment Recovery

47

Consolidate language between circulars

Focus on strong internal controls to justify costs of salaries and wages

When charges are based on budgeted amounts, IC must exist to ensure adjustments are made to amounts charged to Fed Awards

There is a requirement that charges must be based on records that accurately reflect the work performed and there are requirements for such records

Auditors need to focus on understanding how this change will impact their clients and consider how this area will be audited in the future

Removal of specific examples of compliance◦ Informally have become a rule vs example

Time & Effort Reporting

48

Administrative Requirements

49

Affects Primarily Circulars:◦ A-89 – Catalog of Federal Domestic Assistance◦ A-102 – Grants & Cooperative Agreements with

State and Local Govts.◦ A-110 – Uniform Admin Requirements for

Grants/Agreements with Higher Educ., Hospitals, & Non-Profit Organizations.

• Consolidate Administrative Circulars into one Streamlined document.

Reforms to Administrative Requirements

50

Requiring pre-award consideration of each proposal's merit and each applicant's financial risk◦ Considered pro-active prevention of fraud, waste,

and abuse Why?

◦ Requires Federal Agencies to est. merit-based review process & Disclosure criteria for the view Flexibility in the process/review is given to the

Federal Agencies


51

Require all notices of funding be open for a minimum of 30 days

◦ Notification of funding will be made through the Catalog of Federal Financial Assistance

Clarify record retention requirements◦ Three years from date of submission of the last

expenditure report Annual/quarterly renewed awards – date of

submission of quarterly/annual financial report


52

Use documented procurement procedures Maintain oversight Written standards of conduct - No conflicts

of interest Most economical purchase option Maintain records on history of procurement Must conduct in a manner providing full and

open competition Methods (Next slide)

Procurement

53

Five methods prescribed in great detail◦ Procurement by micro-purchase (<$3,000)◦ Procurement by small purchase ($3,000 to $150,000)

Evaluation your policy and ensure it is not in conflict with threshold – requires price or rate quotations from an adequate number of constitute

◦ Procurement by sealed bids (formal advertising) ◦ Procurement by competitive proposal ◦ Procurement by noncompetitive proposal

Micro-purchases only new method under guidance; no requirement to obtain competitive quotes.

Procurement - Methods

54

Procurement

55

Procurement

56

57

Procurement - Effective Date and Grace Period (COFAR FAQ .110-6)

For compliance with the new procurement standards only, the federal government is providing a grace period of one full fiscal year after the effective date of the Uniform Guidance

The COFAR FAQ goes on to provide information on certain documentation that the non-federal entity will have to provide in this regard and how it will affect the single audit in its first year.

58

2018 Study of Single Audit Quality UG requires federal study of quality once

every six years beginning in 2018◦ Statistically reliable estimate of the extent that

single audits conform to applicable requirements, standards, and procedures

◦ Will result in recommendations to address noted audit quality issues

Results of reviews must be made public 2018 timing may result in audits

implementing the UG for the first time being selected as part of the review

Computer Equipment under $5,000 or the non-federal entity capitalization level are considered supplies and not equipment. (200.94)

Program Income – not previously defined in Circular A-133 is now included (200.80)

More specific language related to Subreceipient Monitoring & Management (200.330 - .32)

Other Items of Interest

59

federal agencies must implement policies and procedures by promulgating regulations to be effective...

Documents

old requirements

requirements effective

new federal awards

new single audit requirements

current requirements

cost principle requirements

testing awards subject

federal agencies