Here Come the Feds! What a Sponsor Audit is Looking for and How to Prepare Your Institution Presented by: Richard Cordova, University of Washington Kevin Robinson, Auburn University Kim Ginn, Baker Tilly
Introductions Richard Cordova Executive Director, Internal Audit University of Washington (206) 543-4028 rcordova@uw.edu Kevin Robinson Executive Director, Internal Audit Auburn University (334) 844-4389 robinmk@auburn.edu Kim Ginn Principal Baker Tilly (703) 923 8677 kim.ginn@bakertilly.com
Session Objectives 1. Determine areas on which federal auditors are most likely to focus, and common findings from the field 2. Apply best practices for surviving a sponsor audit 3. Identify how internal audit can provide assurance and assess effectiveness of research administration processes to foster a stronger research environment
Agenda Types of Audits Conducted Who is involved in Audits The FY 2015 Audit Plans for the Major Research Agencies Common Audit Findings Recent Settlements and Audit Findings OIG Audits Recent Settlements and Audit Findings False Claims Act Settlements Practical Advice to Ease the Pain of an Audit How Internal Audit can Help References and Resources
Types of Audits
Types of Audits Conducted Government Reduce and Eliminate Fraud, Waste, and Abuse Internal Audit Improve processes and controls Reduce the number of surprises from a government audit
Sponsor/Office of Inspector General (OIG) Audits Sponsoring agencies and/or their OIG may conduct audits of recipients. Audits may be focused on a specific program/project, general research administration operations, or the larger research portfolio. Sponsor audits may be prior to the receipt of an award, during the award s life, or at its completion.
Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards OMB has streamlined and consolidated its guidance for grant recipients in a single document. The guidance raises the minimum audit (formerly detailed in Circular A-133) threshold from $500,000 to $750,000. Guidance is effective for awards (or funding increments) issued after December 26, 2014. Single Audit requirements are effective for fiscal years beginning on or after December 26, 2014.
Increased Focus on Internal Controls While grant recipients have always been required to establish and maintain effective internal controls to manage federal awards, the current guidance does not specify how to determine if internal controls are effective. The new guidance states that internal controls should be in compliance with the internal control requirements issued by: Government Accountability Office (GAO) Standards for Internal Control in the Federal Government (Green Book) AND/OR Committee of Sponsoring Organizations of the Treadway Commissions (COSO) Internal Control Integrated Framework OMB believes explicitly requiring compliance with the GAO Green Book and COSO framework will help mitigate the risks of waste, fraud and abuse on federal awards.
Internal Audit? Internal Audit s major responsibilities include: Reporting on internal controls Conducting internal audits of various offices and programs within a department Conducting internal investigations AND MAY INCLUDE: Coordinating audits and resolving audit findings by external auditors
Who is Involved in Federal Audits
OIG Audit Conducted by the OIG of a federal sponsoring agency (e.g., National Institutes of Health (NIH), National Science Foundation (NSF)). OIG audits specific awards and awardee institutions to determine whether costs charged to the award were allowable, reasonable, and properly allocated. Audits aim to identify uneconomical practices that may be altered to better use taxpayer funds and support the mission of the agency.
Federal Agencies Federal Bureau of Investigations (FBI) Homeland Security Federal Attorneys Office (Department of Justice) Federal Civil Attorneys Office Office of Human Research Protection (OHRP) Office of Research Integrity (ORI) Agency Finance Officers
Institutional Resources Involved in Audits Research Compliance Officer Grants Administration Director Institutional Review Board Internal Audit Grants Accounting Office Office of Sponsored Programs General Counsel President
FY 2015 Audit Work Plans
NIH FY 2015 OIG Audit Work Plans Superfund Financial Activities for FY 2014 Colleges and Universities Compliance with Cost Principles Oversight of Grants Management Policy Implementation Use of Appropriated Funds for Contracting Review of the National Institute of Environmental Health Sciences Funding for Bisphenol A Safety Research Added as part of the mid-year work plan update http://oig.hhs.gov/reports-and-publications/archives/workplan/2015/wp-update-2015.pdf
NSF FY 2015 OIG Audit Workplan Internal Focus: Relocation of NSF Headquarters Health and Safety in the U.S. Antarctic Program (USAP) FY 2014 and 2015 Financial Statement Audits FY 2014 and 2015 FISMA Evaluations NSF s Compliance with Improper Payments Elimination and Recovery Act (IPERA) Management Fees Inspection Travel Cards Conference Spending Cloud Computing Inspection External Focus: Awardees Management of American Recovery and Reinvestment Act (ARRA) Funds R/V Sikuliaq Incurred Costs or Accounting System Audits of 16 Institutions with ARRA Funds Assessment of Payroll Certification Pilots Audits of Various Universities, Non-Profits, and For-Profit Entities Review of Quality of Single Audits http://www.nsf.gov/oig/_pdf/2015auditplan.pdf
NSF Data Analytics Approach Data analytics-driven, risk-based methodology to improve oversight Identify institutions that may not use federal funds properly Techniques to surface questionable expenditures Life cycle approach to oversight Mapping of end-to-end process to identify controls 100% review of key financial and program information Focus attention to award and expenditure anomalies Complements traditional oversight approaches Techniques to review process and transactions are similar Transactions of questionable activities are targeted Recipients and Agency Officials can use data analytics Identify high risk activities through continuous monitoring
Common Audit Finding Areas
Consistent Audit Finding Areas The low hanging fruit Though each sponsoring agency s OIG develops an annual work plan, universities across the country have consistently received audit findings in a number of key areas over the past several years: Consistent treatment of direct and indirect costs Cost allowability Cost transfers Payroll distribution/effort reporting Subrecipient monitoring Tracking and reporting of cost sharing
Emerging Audit Finding Areas The changing landscape of federal regulations In addition to the standard audit findings that have been a focus of OIGs in the past, a number of other audit areas have emerged recently due to changing federal priorities and/ or regulations, including: Adequacy of internal controls Data management and security Direct charging of administrative costs Quality control reviews of A-133 audits
Case Study: University of Washington NSF Data Analytics Audit
Practical Advice to Ease the Pain of an Audit
How to Prepare Your Institution for an Audit General Tips 1. Identify the agency involved Review that agency s audit plan and any recently published audit reports (all information from federal sponsors is public information, and can typically be found online) Identify who will be conducting the review (many agencies are now outsourcing their audits)
How to Prepare Your Institution for an Audit General Tips (cont.) 2. Understand the focus area of the audit Carefully read the audit notification and any related requests for information Prepare as much documentation as possible in advance, and try to anticipate what materials the auditors may need Be sure to discuss any questions regarding requested information when needed You don t want to provide more information than needed, but also want to make sure the information requested and/or provided is what the auditors actually need
How to Prepare Your Institution for an Audit General Tips (cont.) 3. Assign an individual to be the audit liaison This will help make the audit process as painless and efficient as possible, both for your institution and the auditors Having one individual responsible for coordinating all audit requests will allow for greater understanding of the information needed and received by the auditors
How to Prepare Your Institution for an Audit General Tips (cont.) 4. Schedule the audit at a convenient time (if possible) Audits should be conducted when the organization is able to focus on the requests It s okay to tell an auditor that you want your accounting department to be heavily involved, but they need to get through a particular reporting period, etc. Remember, auditors are people, too!
How Internal Audit Can Help
Federal Recommendations Examine operations and programs to identify fraud vulnerabilities Establish an adequate and effective system of accounting, internal controls, records control and records retention Financial management systems Procurement systems Time and effort reporting systems Monitoring activities Adherence to terms and conditions of awards
Federal Recommendations (cont.) Implement an internal compliance and ethics program 2005: Draft OIG Compliance Program Guidance for Recipients of PHS Research Awards Standard elements (as outlined in the Federal Sentencing Guidelines) Implementing written policies and procedures Conducting internal monitoring and auditing Enforcing standards through well publicized disciplinary guidelines Responding promptly to detected problems and undertaking corrective action Defining roles and responsibilities and assigning oversight responsibility Designating a compliance officer and compliance committee Conducting effective training and education General training on ethical standards and human subject research Training on federal cost principles and grant administration regulations and policies Developing effective lines of communication
Using Internal Audit to Reinforce Compliance Across the Institution Internal Audit departments can assist institutions in building a culture of compliance related to sponsored research. Particular focus should be given to: Accounting system capabilities and utilization Administrative controls for monitoring cost charging Focus on allowability, allocability, and consistency of costs Cost transfers Payroll distribution/effort reporting Training programs provided to Principal Investigators and research personnel
References and Resources
References Grant Fraud: A Message from the National Procurement Fraud Task Force http://www.grants.gov/assets/grantfraud.pdf National Institutes of Health, Division of Grants Compliance and Oversight Common Compliance Pitfalls and Strategies for Success A Federal Perspective on Compliance http://grants.nih.gov/grants/compliance/compliance.htm#resources National Procurement Fraud Task Force, A Guide to Grant Oversight and Best Practices for Combating Fraud, February 2009 http://www.justice.gov/oig/special/s0902a/final.pdf
Additional Resources Baker Tilly www.bakertilly.com/higher-education Council on Governmental Relations www.cogr.edu National Council of University Research Administrators www.ncura.edu
Thank You! Richard Cordova Executive Director, Internal Audit University of Washington (206) 543-4028 rcordova@uw.edu Kevin Robinson Executive Director, Internal Audit Auburn University (334) 844-4389 robinmk@auburn.edu Kim Ginn Principal Baker Tilly (703) 923 8677 kim.ginn@bakertilly.com
Required disclosure and Circular 230 Prominent Disclosure The information provided here is of a general nature and is not intended to address the specific circumstances of any individual or entity. In specific circumstances, the services of a professional should be sought. Pursuant to the rules of professional conduct set forth in Circular 230, as promulgated by the United States Department of the Treasury, nothing contained in this communication was intended or written to be used by any taxpayer for the purpose of avoiding penalties that may be imposed on the taxpayer by the Internal Revenue Service, and it cannot be used by any taxpayer for such purpose. No one, without our express prior written permission, may use or refer to any tax advice in this communication in promoting, marketing, or recommending a partnership or other entity, investment plan or arrangement to any other party. Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. 2012 Baker Tilly Virchow Krause, LLP.