Federal Grant Guidance Compliance SPEAKER Melisa F. Galasso, CPA mgalasso@cbh.com Cherry Bekaert LLP
Learning Objectives Describe the changes in the Uniform Grant Guidance List ways to implement changes 2
Agenda Background Personally Identifiable Information Internal Controls Over Compliance Procurement Pass-through Entities SEFA Major Program Determination 3
Have you read Title 2 Part 200? A. Front to Back B. Summaries of the Information C. I m hoping this session replaces the need 4
Background
What s The Purpose? The goal of this reform is to deliver on the President s directives to (1) streamline our guidance for Federal awards to ease administrative burden and (2) strengthen oversight over Federal funds to reduce risks of waste, fraud, and abuse. Streamlining existing OMB guidance will increase the efficiency and effectiveness of Federal awards to ensure best use of the more than $500 billion expended annually. 6
About the Law Title 2 in the Code of Federal Regulations (2 CFR) Grants and Agreements Part 200 - Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards Subpart A Acronyms and Definitions Subpart B Subpart C General Provisions Pre-Federal Award Requirements and Contents of Federal Awards Subpart D Subpart E Subpart F 7 Post Federal Award Requirements Cost Principles Audit Requirements
Appendices Appendix I Appendix II Appendix III Appendix IV Appendix V Appendix VI Appendix VII Full Text of Notice of Funding Opportunity Contract Provisions for Non-Federal Entity Contracts Under Federal Awards Indirect (F&A) Costs Identification and Assignment, and Rate Determination for Institutions of Higher Education (IHEs) Indirect (F&A) Costs Identification and Assignment, and Rate Determination for Nonprofit Organizations State/Local Governmentwide Central Service Cost Allocation Plans Public Assistance Cost Allocation Plans States and Local Government and Indian Tribe Indirect Cost Proposals Appendix VIII Nonprofit Organizations Exempted From Subpart E Cost Principles of Part 200 Appendix IX Appendix X 8 Appendix XI Hospital Cost Principles Data Collection Form (Form SF-SAC) Compliance Supplement
When Is A Single Audit Required When a non-federal entity expends federal awards (either direct or indirect awards) in excess of $750,000 in their fiscal year A non-federal entity includes all of the following that carry out a Federal award as a recipient or subrecipient: States & Local governments Indian tribes Institutions of higher education (IHE) Not-for-profit organization 9
Funding Increments UGG applies to funding increments to existing awards in cases where the federal agency considers the funding increments to be an opportunity to modify the terms and conditions of the award. Existing federal awards that do not receive incremental funding with new terms and conditions will continue to be governed by the terms and conditions of the federal award. 10
Pass-Through Awards Subrecipients and subawards The effective date of the UGG for subawards is the same as the effective date of the federal award from which the subaward is made The requirements for a subaward, no matter when made, flow from the requirements of the original federal award from the federal awarding agency 11
Fixed Amount Awards Incorporates new coverage on fixed amount awards 12 Payments are based on meeting specific requirements of the Federal Award Accountability is based on performance and results Award amount is negotiated using cost principles as a guide No governmental review of the actual costs incurred Significant changes must receive prior awarding agency written approval
Implementation Consideration Identifying old vs new money 13
PII
200.79, Personally Identifiable Information Information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual 15
200.82, Protected Personally Identifiable Information Protected PII means an individual's first name or first initial and last name in combination with any one or more of types of information Social security number Passport number Credit card numbers Biometrics Date and place of birth Mother's maiden name Criminal, medical and financial records, educational transcripts 16
Implementation Issues Identifying controls that can be implemented to properly protect PPII 17
Internal Control
200.303, Internal Controls Non-Federal Entity MUST have effective internal control Best Practices 19 Standards for Internal Control in the Federal Government (Green Book) issued by the Comptroller General of the United States Internal Control Integrated Framework, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)
Definition Internal control is a process, effected by an entity s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance. 20
Process Not a serial process but a dynamic and integrated process Each organization implements internal controls differently Must be able to adapt to changing business and operating environments More than just policies and procedures 21 Requires use of judgment
Effected by People Management and boards of directors use of judgment to determine how much control is enough Management, internal auditors, other personnel apply judgment as they monitor and assess the effectiveness of the system of internal control Not merely about policy and procedure manuals, systems, and forms 22
Reasonable Assurance Does not provide absolute assurance Limitations of internal controls Collusion Management override External events beyond the organizations control Bad judgments or decisions 23
Top Down Risk Based Top Down Start with entity level controls Risk Based What are the entity s biggest risks? 24
Allowable Cost Control Objective To provide reasonable assurance that Federal awards are expended only for allowable activities and that the costs of goods and services charged to Federal awards are allowable and in accordance with the applicable cost principles 25
26 So What s The Risk?
27 How Can We Mitigate The Risk?
28 What is the evidence of the control?
Control Activities Process in place for timely updating of procedures for changes in activities allowed and cost principles. Supporting documentation compared to list of allowable and unallowable expenditures. Adjustments to unallowable costs made where appropriate and follow-up action taken to determine the cause. Adequate segregation of duties in review and authorization of costs. Accountability for authorization is fixed in an individual who is knowledgeable of the requirements for determining activities allowed and allowable costs. 29
What About the Other Components? Control Environment Management sets reasonable budgets for Federal and non-federal programs so that no incentive exists to miscode expenditures. Management provides personnel approving and preauditing expenditures with a list of allowable and unallowable expenditures. 30
What About the Other Components? Information & Communication Training programs, both formal and informal, provide knowledge and skills necessary to determine activities and costs allowed. Interaction between management and staff regarding questionable costs. 31
What About the Other Components? Monitoring Management reviews supporting documentation of allowable cost information. Comparisons made with budget and expectations of allowable costs. Analytic reviews (e.g., comparison of budget to actual or prior year to current year) and audits performed. 32
What Will We Be Looking For? Correct determination of which of grants/incremental funding are subject to new requirements Implemented procedures and controls to ensure grants comply with applicable requirements People who perform internal controls 33 Know which requirements apply to which grants Understand the difference in the requirements Correctly apply new requirements and controls to new grants
Implementation Issues Identifying where changes need to be made Tracking changes to ICOC 34
Procurement
36 Every year, one out of every three dollars governments spend goes toward purchasing something -- from photo copier ink to new vehicle fleets -- to help provide services.
Procurement Standards Generally based on the requirements in A-102 Sections 200.317 through 200.326 States - property and services purchases must follow the same policies and procedures it uses for procurements from its non-federal funds All other non-federal entities (including Subrecipients of a state) must have written procurement procedures that reflect the procurement standards 37
General Procurement Standards The non-federal entity must 38 Use its own documented procurement procedures Oversee contractors Avoid acquisition of unnecessary or duplicative items Use only responsible contractors Maintain sufficient records Have written conflict of interest policies Including organizational conflicts of interest
Methods of Procurement Approved procurement methods Procurement by micro-purchases (new) Procurement by small purchase procedures Procurement by sealed bids (formal advertising) Procurement by competitive proposals Procurement by noncompetitive proposals 39
Procurement Methods 1. Micro-purchases Acquisition of supplies or services value not to exceed $3,000 Awarded without soliciting competitive quotations if price is considered reasonable 40
Procurement Methods 2. Small purchase procedures Subject to simplified acquisition threshold ($150,000) Price or rate quotations must be obtained from an adequate number of qualified sources Please note that adequate number is not defined 41
Procurement Methods 3. Procurement by sealed bids Public solicited Fixed price contract awarded to lowest bidder Preferred for procuring construction 42
Procurement Methods 4. Competitive proposals 43 RFP must be publicized Proposals solicited from adequate number of qualified sources Organization must have written method for conducting evaluation of proposals received Contract awarded to the firm with proposal most advantageous to the program price and other factors considered
Procurement Methods 5. Non-competitive proposals - ONLY appropriate when: 44 Goods or services are only available from a single source There is a public emergency After soliciting number of sources competition is deemed inadequate NEW: Awarding agency expressly authorized noncompetitive proposals in response to written request from organization
Grace Period for Procurement Two fiscal years beginning on or after 12/26/14 Entity must document whether they meet the old or new standard Entity must meet their documented standard Expect compliance supplement to require testing of compliance with documented standard 45
What s the Big Deal? Documented procurement procedures Comply with new, detailed requirements Must maintain oversight of contractors/vendors Contract administration system is not required Conflicts of interest and other standards of conduct 46 Avoid unnecessary or duplicative items Shared goods and services Use excess and surplus property instead of buying new
Conflict of interest The Federal awarding agency must establish conflict of interest policies for Federal awards The non-federal entity must disclose in writing any potential conflict of interest to the Federal awarding agency or pass-through entity in accordance with applicable Federal awarding agency policy 47
Implementation Issues Insuring compliance Documenting grace period 48
Pass-through Entities
Review of Merit of Proposals For competitive grants or cooperative agreements Agency must design and execute a merit review process for applications This process must be described or incorporated by reference in the applicable funding opportunity 50
Review of Risk Posed by Applicants For competitive grants or cooperative agreements, the Federal awarding agency must have in place a framework for evaluating the risks posed by applicants before they receive Federal awards Awarding agency must comply with the guidelines on government-wide suspension and debarment 51
May Consider Risk Review Financial stability Quality of management systems History of performance Reports and findings from audits 52
Requirements for Pass-Through Entities All PTE must ensure that every subaward is clearly identified as a subaward and include the following: Federal Award Identification All requirements imposed by the pass-through entity on the subrecipient Any additional requirements that the pass-through entity imposes on the subrecipient to meet its own responsibility Indirect Cost Rate 53
Requirements for PTE Cont d A requirement to permit the pass-through entity & auditors to have access to the subrecipient's records and financial statements Appropriate terms and conditions concerning closeout of the subaward 54
55 Requirements for PTE Cont d Evaluate each subrecipient's risk of noncompliance Use risk assessment to determine if additional monitoring may be necessary Monitor subrecipient s activities to ensure compliance and achievement of goals Verify that every subrecipient is audited as required by Subpart F Consider taking enforcement action against noncompliant subrecipients
Implementation Issues Documenting risk assessments 56
SEFA
Auditee Responsibility The auditee is responsible for preparing the SEFA for the period covered by the auditee s financial statements. The Uniform Guidance specifies the content required to be included in the SEFA. Preparation of the SEFA by the auditor is considered a nonaudit service 58
SEFA List individual federal programs by federal agency. Cluster of programs. Provide the cluster name, list individual federal programs within the cluster, and provide the applicable federal agency name. 59
R&D Research and Development (R&D) Total federal awards expended must be shown either by individual federal award or by federal agency and major subdivision within the federal agency (i.e. National Institutes of Health is a major subdivision of Department of Health and Human Services) 60
SEFA For federal awards received as a subrecipient, the name of the pass-through entity and identifying number assigned by the pass-through entity. Provide total federal awards expended for each individual program and the CFDA number or other identifying number when the CFDA information is not available. 61 For a cluster, also provide the total for the cluster.
SEFA Include the total amount provided to subrecipients from each federal program. The value of noncash awards, such as free rent, food commodities, donated property, and donated surplus property must be included on the face of the SEFA 62
SEFA For loan or loan guarantee programs, identify in the notes to the schedule the balances outstanding at the end of the audit period. In addition to including the total federal awards expended in the schedule. In significant accounting policies note whether or not the auditee elected to use the 10% de minimis cost rate. 63
Loan & Loan Guarantee In determining the value of total federal awards expended for loans and loan guarantees, in addition to the value of new loans made or received during the audit period, auditees must include the balances of loans from previous years in the SEFA if the federal government imposes continuing compliance requirements. 64
Auditor Responsibilities The auditor is required to provide an opinion (or disclaimer of opinion) on whether the SEFA is fairly stated, in all material respects, in relation to the financial statement as a whole. 65
Implementation Issues Insuring all the new criteria are included in the updated SEFA 66
67 Major Program Determination
Four Step Approach Identify Type A Programs Identify lowrisk Type A Programs Identify high-risk Type B Programs Determine Major Programs to audit 68
A Assessment The risk criteria used in the determination of low-risk type A programs is different than the risk criteria used in the determination of high-risk type B programs. The criteria to be used in determining type A programs is VERY limited This means that less auditor judgment is allowed in the risk assessment of type A programs.
B Assessment Not required to identify more high-risk type B programs than at least 1/4 the number of low-risk type A programs. Once the required number of high-risk type B programs have been identified, the auditor can discontinue further risk assessments of type B programs. Auditor is encouraged to use an approach which provides an opportunity for different high-risk type B programs to be audited as major over a period of time. 70
B Assessment It is possible to risk assess all of an auditee s type B programs and determine that fewer than ¼ the number of LR type A programs are HR type B programs, or that none are HR type B programs. Any programs determined to be HR type B programs are required to be audited as a major program. You are required to perform risk assessments on only type B programs that exceed 25% of the type A threshold. 71
Loan Programs Federal program providing loans is one in which the value of federal awards expended for loans within the program comprises 50% or more of the total federal awards for the program Large loan program is one in which the federal program providing loans exceeds four times the largest non-loan program. A large loan program is a type A program and its value is excluded when determining the type A threshold. 72
MPD Training auditors in proper MPD 73
Where do we go from here?
200.109 Review date OMB will review this part [Part 200] at least every five years after December 26, 2013 75
Questions? Melisa F Galasso, CPA Senior Manager Audit Professional Practices mgalasso@cbh.com 704.778.1305 cbh.com