Compliance Auditing and Preparation for Single Audit

As part of the financial audit, the auditors perform both financial and compliance procedures directly related to the expenditure by the audit organization (i.e., the entity being audited) of federal awards that are received directly from the federal government or passed through states and local agencies. The auditor is required to test compliance with applicable laws, regulations, and the provisions of contracts or grant agreements that may have a direct and material effect on each major program. Additionally, auditors are requested to test controls over compliance of federal awards. When controls are effective, auditors are permitted to reduce their sample sizes for compliance testing.

Not all federal programs are necessarily tested each year. The auditor is required to evaluate the audit organization’s programs based on the level of annual expenditures and the organization’s classification of risk of each program. The auditor is encouraged to test programs that are considered high-risk, in which the annual expenditure is less than $750,000 but greater than $187,500 (“Type B” programs). Programs (or clusters of programs) with expenditures in excess of $750,000 must be tested by the auditors at least once every three years. The programs selected by the auditor for testing are referred to as a “major program.”

A 2007 report issued by the AICPA’s Government Audit Quality, in response to the President’s Council on Integrity and Efficiency (PCIE), indicated the importance of the audit organization in the single audit process. It is important that audit organizations are well educated about the requirements of the Uniform Guidance under 2 CFR Part 200 and other reference documents (e.g., compliance supplements), as well as the audit organization’s role in the process and the importance of hiring a qualified single auditor.

The audit organization should maintain accounting records that summarize and monitor allowable expenditures both individually and collectively for grants and contracts. Individual grants or contracts may require limitations on expenditures for specific expenditure classifications or, more generally, between program and administrative costs. Additionally, allowability of expenditures is critical to federally funded programs and required to be separately identified from other activities or programs of the audit organization. Collectively, the expenditure of federal awards is required to be reported on the SEFA and data collection form.

Before applying for and expending federal funds, it is essential for an audit organization to understand federal statutes, regulations, and the terms and conditions of federal awards, and establish internal control to ensure compliance. The five components of internal control that should be considered to reasonably ensure compliance with each applicable type of compliance requirement for each federal program include:

• the control environment

• risk assessment

• control activities

• information and communication

• monitoring.

Regulations often tested by the auditors under the contract or grant agreement include:

• activities allowed or unallowed

• cash management

• eligibility

• matching, level or effort, and earmarking

• procurement, suspension and debarment

• reporting

• subrecipient monitoring by the audit organization

• special tests and provisions as outlined in the award agreement.
  

Common deficiencies of audit organizations include (a) proper reporting of all relevant information and all federally funded programs in the SEFA, (b) system of monitoring and site visits by the audit organization of sub-recipients expending pass-through funds, (c) applying matching requirements simultaneously to multiple contracts, (d) maintaining equipment records that identify assets acquired using federal funds, (e) physical inventory of equipment every two years and reconciliation to property records, (f) time records with credible documentation supporting times estimates to multiple grants, (g) timely reporting to awarding agencies, (h) shifting of costs between programs, (i) proper recognition of applicable credits (i.e. discounts, rebates, refunds or contract settlements), and (j) documentation supporting noncompetitive procurement (i.e., sole source, emergency or no response to solicitation).

Here are five steps that, if implemented, can promote audit quality:

• Verify that the audit firm has quality, knowledgeable staff with the right skills for your single audit.

• Grant your auditor access to all necessary financial and program records.

• Ensure that your key staff are available to your auditor.

• Be actively involved; take initiative to understand what your auditor is doing and ask questions when you don’t understand.

• Make the most of the exit process; ask questions about your auditor’s work, the audit opinion and other compliance reports.

Further, an audit organization can prepare for their single audit by:

• ensuring rigorous procurement processes

• developing robust governance structures

• being well educated about the single audit process and what it requires of both the audit organization and the auditors

• maintaining clean and organized records

• documenting policies and procedures

• achieving organization-wide understanding of your control system

• periodically reviewing the internal control system and its effectiveness

• monitoring new employees with respect to strict adherence to internal controls

• understanding and knowing where to find the OMB Compliance Supplements

• understanding the Single Audit Act Amendments of 1996 and Title 2 U.S. Code of Federal Regulations (CFR) Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance)

• preparing a complete and accurate SEFA

• considering the qualifications of the audit firm during the hiring process

• evaluating the reasonableness of the audit firm’s anticipated hours.

The complexity and distraction of a single audit can be substantially reduced with effective preparation, adherence to internal controls, implementing the suggestions contained in this article, and selecting an experienced audit firm that is committed to ensuring your compliance and to making the audit process a smooth and disruption-free experience.