Post on 25-Dec-2015
Single Audit Changes Take The Stage
Federal agencies must implement policies and procedures by promulgating regulations to be effective December 26, 2014◦ Accomplished with issuance of recent Joint Interim Final Rule
Non-federal entities will need to implement the new administrative requirements and cost principles for all new Federal awards made after December 26, 2014, and to additional funding to existing awards (referred to as funding increments) made after that date◦ Non-federal entities wishing to implement entity-wide system changes to
comply with the guidance after December 26, 2014, will not be penalized for doing so
Audit requirements effective for fiscal years beginning on or after December 26, 2014◦ Not permitted to early implement any of the audit provisions
Effective Dates
2
March 31, 2015, June 30, 2015, and September 30, 2015 year-ends◦ Non-federal entities will have to adopt new administrative
requirements and cost principles relating to all new federal awards and to funding increments to existing awards
◦ Single audit requirements continue to use “old” regulation ◦ Auditor compliance testing will be affected by client adoption of
“new” requirements (i.e., will likely have to test some awards subject to the “old” requirements and some the “new” requirements)
December 31, 2015, year-ends and beyond◦ New single audit requirements apply◦ Auditors may have to test some awards subject to the “old”
requirements and some the “new” requirements for several years
Effective Dates - interpreted
3
COFAR FAQ .110-11◦ Subrecipients & Subawards
Effective date for subawards is the same as the effective date of the Federal award from which the subaward is made.
The requirements for a subaward, no matter when made, flow from the requirements of the original Federal award from the Federal awarding agency.
Effective Dates – Pass-Through Awards
4
Why are we seeing modifications to 8 different Circulars?◦ Executive Order 13520 “Reducing Improper
Payments”
◦ Presidential Memorandum “Administrative Flexibility, Lower Costs, & Better Results for State, Local , & Tribal Governments”
◦ Goal is to increase efficiency and effectiveness of the grant process and better focus the Single Audit to reduce fraud, waste, and abuse
Why the Changes?
5
Audits of Federal Awards
(OMB Circular A-133)
6
Effective date to be challenging for compliance testing◦ Likely to take several years for “old” funding to
run out◦ Challenges related to funds received by
subrecipients from pass-through entities (PTE) 2015 Compliance Supplement will be key Federal agency implementation actions in
the Joint Interim Final Rule need to be understood
Transition Old to New
7
2015 Supplement will be used for audits performed under Circular A-133 and the Uniform Guidance
Federal workgroups working to develop new and updated guidance
There will be two Part 3 sections in 2015◦ One for testing awards subject to UG administrative
and cost principle requirements◦ One for testing awards subject to “old” rules◦ Transitional information will be included
Parts 4 and 5 may be affected as well
Transition Old to New
8
Summary of changes from the current requirements◦ Increases audit threshold from $500,000 to
$750,000◦ Type A/B threshold – minimum increases from
$300,000 to $750,000◦ Loan/loan guarantee treatment in major program
determination◦ High-risk Type A program criteria ◦ High-risk Type B program criteria◦ Percentage of coverage from 50/25% to 40/20%◦ Low-risk auditee criteria◦ Schedule of expenditures of federal awards changes◦ Audit findings (threshold from $10,000 to $25,000)
Circular A-133 Today and the Future
9
10
High-Risk Type A ProgramCurrent A-133 criteria: Not audited as major program in 1
of 2 most recent audit periods In most recent period had Any
Audit Finding◦ Provided for auditor judgment
in limited cases, e.g., very small questioned costs
Auditor considered risk related to:◦ Federal or PTE oversight◦ Inherent risk◦ Results of audit follow-up◦ Changes in personnel or
systems
Uniform Guidance: SAME “two year look-back” In most recent period had a High
Risk Audit Finding identified as: Modified opinion Material weakness in internal
control Known or likely questioned costs
exceeding 5% of total program expenditures
Auditor only considers risk related to: Federal or PTE oversight Results of audit follow-up Changes in personnel or systems.
Key – An entity with strong internal controls and few audit findings will have fewer high-risk Type A programs
11
High-Risk Type B ProgramCurrent A-133
criteria: Currently there are two Type B
risk assessment options:◦ Option 1 – Perform risk
assessments on all Type B programs and select at least 50% of Type B programs identified as high risk up to number of low-risk Type A programs
◦ Option 2 – Perform risk assessments on all Type B programs until as many high-risk Type B programs have been identified as there are low-risk
Type A programs.
Uniform Guidance: Perform risk assessments on Type
B programs until high-risk Type B programs have been identified up to at least 1/4th of number of low-risk Type A programs
Type B program de minimis consideration (new criteria is 25% of Type A threshold)
12
Current A-133 criteria (2 prior years)
Annual single audits Unmodified opinion on financial
statements in accordance with GAAP Unmodified SEFA in-relation-to opinion No GAGAS material weaknesses In either of preceding two years, none
of Type A programs had:◦ Material Weakness◦ Material noncompliance◦ QC that exceed 5%
Timely filing with FAC Auditor reporting of going concern
would not preclude low-risk Waivers
Low-Risk Auditee Uniform Guidance (2 prior years)
Annual single audits Unmodified opinion on financial
statements in accordance with GAAP or basis of accounting required by state law **
Unmodified SEFA in-relation-to opinion
No GAGAS material weaknesses In either of preceding two years,
none of Type A programs had:◦ Material Weakness◦ Material noncompliance◦ QC that exceed 5%
Timely filing with FAC ** No auditor reporting of going concern No waivers
13
Low-Risk Auditee If state law permits but does not require an
auditee to prepare financial statements in accordance with a basis that is not GAAP (e.g., cash, regulatory), auditee cannot be considered low-risk auditee
If the non-GAAP basis of accounting is required by state law, auditee can be considered low-risk auditee
If auditee voluntarily prepares financial statements on a non-GAAP basis of accounting (e.g., cash or modified cash), auditee cannot be considered low-risk auditee
Coverage Rule - Old High Risk = 50% of Total Federal Awards Expended
Low Risk = 25% of Total Federal Awards Expended
Coverage Rule - New High Risk = 40% of Total Federal Awards Expended
Low Risk = 20% of Total Federal Awards Expended
◦ Scenario A high risk entity which has $1,000,000 in federal
expenditures would require a minimum coverage amount of what
Percentage of Coverage Rule
14
The City of Notmanygrants received an unmodified opinion on their last audit of federal awards for FY 2014. The City did receive a finding related to a lack of segregation of duties to cash collections (F.S. finding); classified as a significant deficiency by the predecessor auditor. During fiscal year 2016 the city was a recipient of $500 thousand of CDBG (CFDA # 14.218) of which the city had spent $350 thousand during the fiscal year. The City also was reimbursed $500 thousand related to Disaster Grants – Public Assistance (CFDA # 97.036).
The City also prepares their financial statements in accordance with generally accepted accounting practices.
Case Study High/Low Risk Auditee
15
You have been awarded the audit during Fiscal Year 2016; based on the information provide would you classify the City as a low or high risk entity?
Case Study High/Low Risk Auditee
16
Wantalotta Grants County has received a Single Audit in the prior three years with all years receiving unmodified opinions. A material weakness was reported in Fiscal Year 2013 regarding financial reporting but they have not had any material weakness or material noncompliance findings in regards to their Type A programs since Fiscal Year 2013.
The County has requested the reports and auditors opinions be issued by 2/28/2017 for the fiscal year-end June 30, 2016. As part of planning purposes you’ve reviewed the prior three audit report dates and filings with the federal clearing house and noted that two of three years have been completed and filed by January 15th and the prior year was completed by April 15th. The Counties preliminary SEFA reports $2.5 million in federal expenditures.
Case Study High/Low Risk Auditee
17
Based on the information provide would you classify this entity as a low or high risk entity?
Case Study High/Low Risk Auditee
18
Town of ImaTiredofCaseStudies has received a Single Audit in the prior three years with all years receiving unmodified opinions. They also have not received any findings reported as a material weakness and no reporting of any going concern.
The Town has a fiscal year end of June 30, and has filed with the Federal Audit Clearinghouse on time in each of the last 3 years.
.
Case Study High/Low Risk Auditee
19
Based on the information provide would you classify this entity as a low or high risk entity?
Based on your assessment calculate the number of programs required to meet the coverage rules in the following slide.
Case Study High/Low Risk Auditee
20
Federal awards expended: Type A/B High/Low
Program 1 $1,200,000 HProgram 2 $1,000,000 HProgram 3 $2,000,000 LProgram 4 $ 800,000 LProgram 5 $ 600,000 HProgram 6 $ 450,000 LProgram 7 $ 250,000 HProgram 8 $ 150,000 H
Total $6,450,000
Coverage calculation
21
What if we had changed the previous case study to say the following:
Town of ImaTiredofCaseStudies has received a Single Audit in the prior three years with all years receiving unmodified opinions. They also have not received any findings reported as material weaknesses. However, they are in extreme financial distress and received a paragraph in their audit report expressing a going concern.
The Town has a fiscal year end of June 30, and has filed with the Federal Audit Clearinghouse on time in each of the last 3 years.
Case Study High/Low Risk Auditee
22
Based on the information provide would you classify this entity as a low or high risk entity?
Based on your assessment calculate the number of programs required to meet the coverage rules in the following slide.
Case Study High/Low Risk Auditee
23
Federal awards expended: Type A/B High/Low
Program 1 $1,200,000 HProgram 2 $1,000,000 HProgram 3 $2,000,000 LProgram 4 $ 800,000 LProgram 5 $ 600,000 HProgram 6 $ 450,000 LProgram 7 $ 250,000 HProgram 8 $ 150,000 H
Total $6,450,000
Coverage calculation
24
25
SEFA Considerations (200.510(b)) Provide cluster of programs total Total amount provided to subrecipients
from each federal program For loans and loan guarantees, identify in
the notes to the SEFA loan balances outstanding at the end of the audit period
Include in the notes to the SEFA whether or not non-federal entity elected to use the 10% de minimis cost rate
Loans◦ Current – “…inclusion of large loan and loan guarantees
(loans)should not result in the exclusion of other programs as Type A programs…”
◦ New – “…Federal program providing loans exceeds four times the largest non-loan program it is considered large, and the auditor shall consider this Federal program as a Type A program and exclude its values in determining other Type A programs…”
Was a safe harbor inclusion in the compliance supplement
MAJOR PROGRAM DETERMINATION - Loan Consideration
26
Initial thought was to reduce the # of requirements and streamlining the remaining
Current proposal:◦ No Changes◦ Any changes would need additional further public
outreach before making changes to the Compliance Supplement
◦ AICPA doesn’t expect changes until 2015 C.S.
Compliance Requirements
27
Current Questioned Costs: Auditor shall report known/likely questioned costs
greater then $10,000
Proposed Questioned Costs:◦ Auditor shall report known/likely questioned costs
greater than $25,000
Why the change in reporting threshold?
Audit Findings
28
New language related to the specific information to include in audit findings:◦ Federal Award Identification
CFDA Title & Name Award Identification number & Year Federal Agency & Pass-through entity
◦ Criteria ◦ Condition◦ Statement of cause ◦ Statement of the effect or potential effect ◦ Known QC must include the CFDA #(s) and the award number(s) ◦ Perspective section (isolated, prevalent, type of sampling used)◦ Identify if the finding is a repeat finding (and the prior year audit finding
#)◦ Recommendation◦ Views of Responsible Officials
Audit Findings
29
Change to responsibilities for cognizant agency:◦ To advise independent auditors of noteworthy or
factual trends related to the quality of audits (based on quality control reviews)
◦ Significant problems/quality issues identified shall be referred to the state licensing agency & professional body
◦ Cognizant agency = Awarding agency, Management decisions will be sent the Clearinghouse & made available electronically.
Federal Agency Responsibilities
30
Follow-up to audit findings◦ Issue Mgmt Decision & submit to the Audit
Clearinghouse
◦ Monitor corrective action (timely/appropriate)
◦ Develop a mechanism to evaluate effectiveness of the audit follow-up process
◦ Provide Compliance Supplement Updates Remember fraud, waste, & abuse
Federal Agency Responsibilities
31
Single Audit Accountability official◦ Reported by each awarding agency to OMB
◦ Point of contact for single audit (federal & non-federal)
◦ Promote interagency coordination, consistency, & sharing of information
◦ Oversee training of agency personnel involved in the S.A process
◦ Ensure timely & appropriate follow-up & Corrective Action to findings
Federal Agency Responsibilities
32
Part 6 - Internal Control◦Updates needed for new COSO internal
control guidance◦Auditees (and auditors) consider looking to
updated COSO or Government Accountability Office Green Book
◦Expect part to be updated in future supplements
Internal Controls
33
34
Internal Controls
Topic•Strong Emphasis on Internal Controls•Mentioned 103 times in the 12/26/2013 Federal Register notice
Uniform Guidance Synopsis
•References “Standards for Internal Controls in the Federal Government”, issued by the Comptroller General (also known as the “Green Book”) and “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)
What Does This Mean?
•While OMB has clarified in an FAQ that there is no expectation that we have to explicitly follow these referenced guidelines (as long as we have effective internal controls in place), it is unclear what the audit community will expect.
The non-Federal entity must:◦ (a) Establish and maintain effective internal control over the
Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
COFAR FAQ 303-1, 2, and 3 clarifies that should indicates a “best practice” and is not a presumptively mandatory requirement.
Internal Controls
35
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring Activities
Update principles of effective internal control
1.Demonstrates commitment to integrity and ethical values2.Exercises oversight responsibility3.Establishes structure, authority and responsibility4.Demonstrates commitment to competence5.Enforces accountability
6.Specifies suitable objectives7.Identifies and analyzes risk8.Assesses fraud risk9.Identifies and analyzes significant change
10.Selects and develops control activities11. Selects and develops general controls over technology12.Deploys through policies and procedures
13.Uses relevant information14.Communicates internally15.Communicates externally
16.Conducts ongoing and/or separate evaluations17.Evaluates and communicates deficiencies
36
Guidance on subrecipient versus contractor determination expanded and relocated to administrative requirements◦ Criteria for determination basically unchanged
New requirements for PTEs with regard to monitoring activities◦ UG contains much more detailed than guidance previously
contained in Compliance Supplement◦ PTEs required to perform a risk assessment of subrecipient
Subrecipient(s)
37
Under the Super Circular – Agreements are required to include 15 specific data elements, including (§ 200.331) :◦ Subrecipient name (which must match registered
name in DUNS)◦ Federal award identification number (FAIN)◦ Federal award date (see § 200.39, “Federal award
date”)◦ CFDA number/name◦ Amount of Federal funds obligated
(Continued)
Subrecipient (pass through agreement)
38
◦ Project description◦ General & Specific Terms/Conditions◦ Identification of whether the award is for R&D◦ Access to records◦ Indirect cost rate for the Federal award (including
if the de minimis rate is charged per § 200.414, “Indirect (F&A) costs”)
Subrecipient (pass through agreement)
39
Pass-through entities are required to do the following:◦ Perform risk assessments to determine appropriate
subrecipient monitoring.◦ Perform appropriate and ongoing monitoring of each
subrecipient. On-site reviews, training, technical assistance, and contracting for an agreed-upon procedure engagement for monitoring are all examples of various monitoring efforts organizations may employ.
◦ Review reports that the pass-through entities require of the subrecipient
◦ Verify subrecipients have audits, as needed◦ Consider how to address subrecipient noncompliance◦ Issue a management decision for audit findings of the
subrecipient within six months
Subrecipient Monitoring
40
Discussion of reducing audit deadline from 9 months to 6 or 3 months after year-end.◦ Will this occur?
Publication of Single Audit Reports online with safeguards for protected personally identifiable information (Audit Clearinghouse)◦ Auditees & Auditors must ensure PPI is not
included◦ Exception for Indian Tribes
Additional Items of Interest
41
COST PRINCIPLES
42
Affects Circulars:◦ A-21 – Educational Institutions◦ A-87 – State, Local & Indian Tribal Governments◦ A-122 – Non-Profit Organizations ◦ 45 CFR Part 75 – Hospitals
• Consolidate Cost Circulars into one Streamlined document. Aimed at eliminating confusion for entities (including
Federal agencies). Benefit auditors whom audit multiple types of grant
recipient entities.
Reforms to Cost Principles
43
Changes/Initiatives:◦Indirect Cost Rates
Option of requesting extension of negotiated rate for a four (4) year period.
Can you request a rate review once the extension has been granted?
Can the Federal agency opt out or force renegotiation of the rate?
Indirect Cost Rate
44
Entities that never received or do not have a negotiated IDCR?
◦ Opt to use a minimum flat rate of 10% of modified total direct cost (MTDC)
◦ MTDC = Salaries/wages, benefits, supplies, travel, sub-grants, subcontracts.
Indirect Cost Rate
45
Pass-Through Entities must honor as the IDCR:
◦ IDCR negotiated between the subrecipient and the Federal government
◦ A negotiated rate between the pass-through & subrecepient (using federal guidelines)
◦ Or the de minimis IDCR (10%)
Allowing costs for efforts to collect improper payment recoveries (remember fraud, waste and abuse)
Indirect Cost Rate
46
Added to encourage recipient entities to assist in recovery
◦ Cost may be Direct or Indirect
◦ If recovered amounts exceed cost must be treated in accordance with cash management standards.
Cost of Improper Payment Recovery
47
Consolidate language between circulars
Focus on strong internal controls to justify costs of salaries and wages
When charges are based on budgeted amounts, IC must exist to ensure adjustments are made to amounts charged to Fed Awards
There is a requirement that charges must be based on records that accurately reflect the work performed and there are requirements for such records
Auditors need to focus on understanding how this change will impact their clients and consider how this area will be audited in the future
Removal of specific examples of compliance◦ Informally have become a rule vs example
Time & Effort Reporting
48
Administrative Requirements
49
Affects Primarily Circulars:◦ A-89 – Catalog of Federal Domestic Assistance◦ A-102 – Grants & Cooperative Agreements with
State and Local Govts.◦ A-110 – Uniform Admin Requirements for
Grants/Agreements with Higher Educ., Hospitals, & Non-Profit Organizations.
• Consolidate Administrative Circulars into one Streamlined document.
Reforms to Administrative Requirements
50
Requiring pre-award consideration of each proposal's merit and each applicant's financial risk◦ Considered pro-active prevention of fraud, waste,
and abuse Why?
◦ Requires Federal Agencies to est. merit-based review process & Disclosure criteria for the view Flexibility in the process/review is given to the
Federal Agencies
Reforms to Administrative Requirements
51
Require all notices of funding be open for a minimum of 30 days
◦ Notification of funding will be made through the Catalog of Federal Financial Assistance
Clarify record retention requirements◦ Three years from date of submission of the last
expenditure report Annual/quarterly renewed awards – date of
submission of quarterly/annual financial report
Reforms to Administrative Requirements
52
Use documented procurement procedures Maintain oversight Written standards of conduct - No conflicts
of interest Most economical purchase option Maintain records on history of procurement Must conduct in a manner providing full and
open competition Methods (Next slide)
Procurement
53
Five methods prescribed in great detail◦ Procurement by micro-purchase (<$3,000)◦ Procurement by small purchase ($3,000 to $150,000)
Evaluation your policy and ensure it is not in conflict with threshold – requires price or rate quotations from an adequate number of constitute
◦ Procurement by sealed bids (formal advertising) ◦ Procurement by competitive proposal ◦ Procurement by noncompetitive proposal
Micro-purchases only new method under guidance; no requirement to obtain competitive quotes.
Procurement - Methods
54
Procurement
55
Procurement
56
57
Procurement - Effective Date and Grace Period (COFAR FAQ .110-6)
For compliance with the new procurement standards only, the federal government is providing a grace period of one full fiscal year after the effective date of the Uniform Guidance
The COFAR FAQ goes on to provide information on certain documentation that the non-federal entity will have to provide in this regard and how it will affect the single audit in its first year.
58
2018 Study of Single Audit Quality UG requires federal study of quality once
every six years beginning in 2018◦ Statistically reliable estimate of the extent that
single audits conform to applicable requirements, standards, and procedures
◦ Will result in recommendations to address noted audit quality issues
Results of reviews must be made public 2018 timing may result in audits
implementing the UG for the first time being selected as part of the review
Computer Equipment under $5,000 or the non-federal entity capitalization level are considered supplies and not equipment. (200.94)
Program Income – not previously defined in Circular A-133 is now included (200.80)
More specific language related to Subreceipient Monitoring & Management (200.330 - .32)
Other Items of Interest
59