How  Strong  Is Your Grant Compliance Framework?  

Grant requirements can be complicated. Developing a systematic grant management program provides a framework to mitigate against noncompliance. A sound framework includes five main elements. Answering the following questions will help identify areas you may need to strengthen to ensure your organization’s compliance.

Who is your grant administrator?

This seems like a simple question, but if an organization only has a few grants, grant administration may be one of many roles. Or, responsibility may be shared among several roles. That situation works until the size of the organization and the complexity of the grants make responsible grant management impossible.

When the responsibility and complexity of grant management becomes too demanding to include as one of many responsibilities, it’s time to identify one person to take the lead. Eventually, that person may build the team responsible for overseeing and coordinating grant administration.

It is easy to see the benefits of having one person develop the full knowledge of grant requirements and take responsibility for establishing policies and procedures for the organization. This person provides guidance for the organization and monitors compliance requirements. They also serve as the point person for grant related audits.

Do you have policies and procedures for grant administration?

A grant administrator’s first priority is to develop policies and procedures that outline each step in the lifecycle of the grant. Typically, this document will answer the following questions:

  • Who approves grant applications?
  • Who executes grant agreements?
  • What systems will be used to track grant activities, such as qualifying expenses, reporting dates, performance metrics (both financial and programmatic)?
  • What documentation is required for compliance?
  • Who reviews and approves grant activities to ensure compliance?
  • Who develops and manages a schedule and process for annual financial reporting (financial statements and grant reporting, e.g., single audit)?
  • Who is responsible for training staff in grant requirements?
  • Are subrecipient contracts standardized, and do they comply with your responsibilities as a grantor?
  • Who is responsible for resolving audit findings?

Are you prepared for grant reporting?

One of the key responsibilities of a grant administrator is to manage deadlines (monthly, quarterly, biannually, annually, and grant close out). In addition to the initial application deadline, grants require consistent attention. You need to file updates and reports throughout the life of the grant, and they will often require specific documentation. The information in these reports must be complete, accurate, and filed promptly. If they are not, you can count on the grantor requiring you to follow-up and resolve the issues.

Do you have the resources to monitor activities?

It’s true, monitoring grants is a full-time job. Or it should be.

Being awarded a grant is the first chapter of a long story. The rest of the tale involves using the grant for its intended purposes and documenting that fact. Responsible monitoring and documentation require time, energy, systems, and personnel.

Someone should be assigned responsibility for the continuous monitoring and evaluation of grant administrative policies and procedures. This involves looking for changes in grant requirements communicated by the grantor.

For subrecipients, the grant administrator must convey the expectations about their activities and then monitor the progress toward the stated goals. On-site visits will sometimes be necessary and require time. Verifying the status of periodic reporting responsibilities can also take up resources that may already be scarce.

The final chapter of monitoring activities is to develop a clearly defined plan for responding to audit findings. Depending on the complexity of the findings, resolving these issues can require rewriting procedures, documenting changes, and verifying the implementation.

Are you ready for an audit?

While this may seem obvious, knowing your requirements should be the first step in preparing for the possibility of an audit.

In addition to reviewing grant requirements, look back at your prior year findings to confirm that they were fully resolved. If they were not, they need to be addressed immediately.

The next step in being prepared for an audit is to ensure all necessary documentation is complete and accurate. Your documentation should demonstrate compliance with the grant requirements. Usually, your materials will need to include evidence of internal controls that supports the process of reviews and approvals. Internal policies and procedures should be easily accessible. (Thankfully, once this document is complete, it only needs to be updated going forward.) When these items are assembled, make sure all reconciliations connected to the grant are complete.

Once the preparations are made, the hardest part of an audit is done. You will still need to meet with auditors and discuss expectations, timelines, and requests for information, but these are more scheduling and time management issues. If your paperwork and systems are in good order, your work will consist mainly of providing evidentiary support, and possibly providing explanations on details that may not appear obvious to an outsider.

Continuously improving your grant compliance processes

With a lot of subjectivity in the process of managing grants, along with requirements changing on a regular basis, it is important to continuously evaluate the adequacy of your grant administration policies and procedures. So, no matter what your situation is, your processes can always improve, and any deficiencies can be remediated. But it takes commitment as an organization to devote the resources to do the ongoing work of grant compliance.

Many state and local governments have compliance questions about the federal grants that were distributed during the pandemic. The reporting rules of these programs are complex, and requirements continue to evolve.

MGO’s state and local government professionals can help answer questions about these federal grants and help organizations document their systems of internal controls, improve their audit preparation, and address audit findings. Contact Linda Hurley at +1 (949) 296-4340 or [email protected] for more information on how to improve your grant compliance processes.

The Real Oversight is NOT Having an Audit Committee

By Jim Godsey, CPA, CGMA, Partner, MGO

Everything changes, except when it doesn’t

Time and time again we’ve seen reactions to various accounting scandals, after which new policies, procedures, and legislation are created and implemented. An example of this is the Sarbanes-Oxley Act (SOX) of 2002, which was a direct result of the accounting scandals at Enron, WorldCom, Global Crossing, Tyco, and Arthur Andersen.

SOX was established to provide additional auditing and financial regulations for publicly held companies to address the failures in corporate governance. Primarily it sets forth a requirement that the governing board, through the use of an audit committee, fulfill its corporate governance and oversight responsibilities for financial reporting by implementing a system that includes internal controls, risk management, and internal and external audit functions.

Governments experience challenges and oversight responsibility similar to those encountered by corporate America. Governance risks can be mitigated by applying the provisions of SOX to the public sector.

Some states and local governments have adopted similar requirements to SOX but, unfortunately, in many cases only after cataclysmic events have already taken place. In California, we only need to look back at the bankruptcy of Orange County and the securities fraud investigation surrounding the City of San Diego as examples of audit committees that were established in response to a breakdown in governance.

Taking your audit committee on the right mission

Governments typically establish audit committees for a number of reasons, which include addressing the risk of fraud, improving audit capabilities, strengthening internal controls, and using it as a tool that increases accountability and transparency. As a result, the mission of the audit committee often includes responsibility for:

  • Oversight of the external audit.
  • Oversight of the internal audit function.
  • Oversight for internal controls and risk management.

Chart(er) your course

Most successful audit committees are created by a formal mandate by the governing board and, in some cases, a voter-approved charter. Mandates establish the mission of the committee and define the responsibilities and activities that the audit committee is expected to accomplish. A wide variety of items can be included in the mandate.

Creating the governing board’s resolution is the first step on the road to your audit committee’s success.

Follow the leader(ship)

In practice we see a combination of these attributes, ranging from the full board acting as the audit committee, committees with one or more independent outsiders appointed by the board, and/or members from management and combinations of all of the above. While there are advantages and disadvantages for all of these approaches, each government needs to evaluate how to work within their own governance structure to best arrive at the most workable solution.

Strike the right balance between cost and risk

The overriding responsibility of the audit committee is to perform its oversight responsibilities related to the significant risks associated with the financial reporting and operational results of the government. This is followed closely by the need to work with management, internal auditors and the external auditors in identifying and implementing the appropriate internal controls that will reduce those risks to an acceptable level. While the cost of establishing and enforcing a level of zero risk tolerance is cost prohibitive, the audit committee should be looking for the proper balance of cost and a reduced level of risk.

Engage your audit committee with regular meetings

Depending on the complexity and activity levels of the government, the audit committee should meet at least three times a year. In larger governments, with robust systems and reporting, it’s a good practice to call for monthly meetings with the ability to add special purpose meetings as needed. These meetings should address the following:

External Auditors

  • Confirmation of the annual financial statement and compliance audit, including scope and timing.
  • Ad hoc reporting on issues where potential fraud or abuse have been identified.
  • Receipt and review of the final financial statements and auditor’s reports
  • Opinion on the financial statements and compliance audit;
  • Internal controls over financial reporting and grants; and
  • Violations of laws and regulations.

Internal Auditors

  • Review of updated risk assessments over identified areas of risk.
  • Review of annual audit plan, including status of the prior year’s efforts.
  • Status reports of ongoing and completed audits.
  • Reporting of the status of corrective action plans, including conditions noted, management’s response, steps taken to correct the conditions, expected time-line for full implementation of the corrective action and planned timing to verify the corrective action plan has been implemented.

Establish resources that are at the ready

Audit committees should be given the resources and authority to acquire additional expertise as and when required. These resources may include, but are not limited to, technical experts in accounting, auditing, operations, debt offerings, securities lending, cybersecurity, and legal services.

Taking extra steps now will save time later

While no system can guarantee breakdowns will not occur, a properly established audit committee will demonstrate for both elected officials and executive management that on behalf of their constituents they have taken the proper steps to reduce these risks to an acceptable tolerance level. History has shown over and over again that breakdowns in governance lead to fraud, waste and abuse. Don’t be deluded into thinking that it will never happen to your organization. Make sure it doesn’t happen on your watch.

10 Things Government Contractors Need to Know About Tax Reform

The $1.5 trillion new tax law represents the most sweeping change to tax code in a generation. Tax reform of this magnitude will have broad implications for government contractors. While accountants and tax departments wade through the 185-page legislation, here are the top 10 things government contractors need to know:

1. The corporate tax rate was permanently reduced from 35 percent to 21 percent.

The top corporate tax rate has been permanently reduced from 35 percent to a flat rate of 21 percent, beginning in 2018. Unlike all other provisions in the new law, including tax breaks for individuals, the new corporate tax rate provision does not expire.

2. There’s a tax break for owners of pass-through entities.

The new law provides owners of pass-through businesses — which include individuals, estates, and trusts — with a deduction of up to 20 percent of their domestic qualified business income, whether it is attributable to income earned through an S corporation, partnership, sole proprietorship, or disregarded entity. Without the new deduction, taxpayers would pay 2018 taxes on their share of qualified earnings at rates up to 37 percent. With the new 20 percent deduction, the tax rate on such income could be as low as 29.6 percent. It should again be noted that certain service industries are excluded from the preferential rate, unless taxable income is below $207,500 (for single filers) and $415,000 (for joint filers), under which the benefit of the deduction is phased out.

3. There might be huge tax benefits to changing your company’s current choice of entity.

Taxpayers should consider evaluating the choice of entity used to operate their businesses. The 21 percent reduced corporate tax rate may increase the popularity of corporations. However, factors such as the new 20 percent deduction for pass-through income, expected use of after-tax cash earnings, and potential exit values will significantly complicate these analyses. The potential after-tax cash benefits ultimately realized by owners could make choice-of-entity determinations one of the most important decisions taxpayers will now make.

4. There have been significant changes to the international tax system.

In connection with these changes, some U.S. shareholders who own stock in certain foreign corporations will have to pay a one-time “transition tax” on their share of accumulated overseas earnings. Other changes include a “participation exemption,” which is a 100 percent dividend-received deduction that permits certain domestic C corporations to receive dividends from their foreign subsidiaries without being taxed on such dividends when certain conditions are satisfied. There is also a new requirement that certain U.S. shareholders of controlled foreign corporations (CFCs) include in income their share of the “global intangible low-taxed income” of such CFCs. Finally, there are new measures to deter base erosion and promote U.S. production.

5. The corporate AMT and DPAD are dead, but Research Tax Credits live on.

The law repeals the Section 199 Domestic Production Activities Deduction (DPAD) and the corporate Alternative Minimum Tax (AMT) for tax years beginning after 2017. The Research Tax Credit was retained and is now more valuable given the reduction of the corporate tax rate from 35 percent to 21 percent.

6. They’ve scrapped NOL carrybacks and limited the use of carryforwards.

Previously, businesses were able to offset current taxable income by claiming net operating losses (NOLs), generally eligible for a two-year carryback and 20-year carryforward. Now NOLs for tax years ending after 2017 cannot be carried back, but can be indefinitely carried forward. In addition, NOLs for tax years beginning in 2018 will be subject to an 80 percent limitation. Companies will have to track their NOLs in different buckets and consider cost-recovery strategy on depreciable assets in applying the 80 percent limitation.

7. Tax reform’s impact on accounting methods may change when revenue is recognized, but new provisions could also lead to temporary and permanent tax benefits.

Under the new law, accrual basis taxpayers must now recognize income no later than the taxable year in which such income is taken into account as revenue in an applicable financial statement.

However, new provisions also provide favorable methods of accounting that were not previously available. That, coupled with the reduction in tax rates, creates a favorable and unique environment for filing accounting method changes.

There are many method changes still available for the 2017 tax year. Taxpayers should evaluate current accounting methods to identify any actionable opportunities to accelerate deductions and defer income for the 2017 tax year, which could result in significant tax savings.

8. There are new rules for bonus depreciation and full expensing on new and used property.

The new tax law allows a 100 percent first-year deduction — up from 50 percent — for the adjusted basis of qualifying assets placed in service after Sept. 27, 2017, and before Jan. 1, 2023, with a gradual phase down in subsequent years before sunsetting after 2026. The definition of qualifying property was also expanded to include used property purchased in an arm’s-length transaction. Businesses should pay close attention to any qualifying asset acquisitions made during the fourth quarter of 2017, as the full expensing can be taken on the 2017 return if the property was acquired and placed in service after Sept. 27, 2017.

Additionally, under new tax law, taxpayers may now deduct up to $1 million under Section 179 for properties placed in service beginning in 2018 — double the previous allowable amount. The phase-out threshold is increased to $2.5 million and will be indexed for inflation in future years and the types of qualifying property has been expanded.

9. The availability of the cash method of accounting expanded for small businesses.

Beginning in 2018, the average annual gross receipts threshold for businesses to use the cash method increases from $5 million to $25 million. Additionally, small businesses who meet the $25 million gross receipts threshold are not required to account for inventories and are exempt from the uniform capitalization rules. The $25 million is indexed for inflation for tax years beginning after 2018.

10. Now is the time to assess total rewards strategies.

Tax reform significantly impacts various components of an employer’s total compensation program — namely the expansion of the $1 million deduction cap on pay to covered employees; disallowed deductions for transportation fringe benefits provided to employees; income inclusion for employer-paid moving expenses; further deduction limitations on certain meal and entertainment expenses; and a two-year tax credit for employer-paid family and medical leave programs. As the IRS releases guidance, employers must immediately modify their payroll systems to reflect tax reform changes impacting individual taxpayers.

For more information about the impact of tax reform on the Government Contracting industry, please reach out to us.

Does Your Organization have a Need for an Independent Eye on Performance?

Alternative Engagement Types: Consulting Services, Agreed-Upon Procedures, and Performance Audits

By Scott P. Johnson, CPA, CGMA
Partner, Macias Gini & O’Connell LLP
State and Local Government Advisory Services

I have spent most of my professional career over the past 35 years serving government agencies and focusing on performance improvement, accountability, and transparency. I recognize the need for continuous monitoring and oversight in the public sector to ensure performance, public accountability, and stewardship of public resources. While participating on a number of professional panels and presentations throughout my career, I have often stated that I embraced the auditor and have welcomed them with open arms into the organizations that I had responsibility over. Why? Because I see auditors as an independent and objective lens, adding value to review and evaluate performance and to make recommendations for improvement. The organizations I have had the pleasure to work for took public accountability very seriously and supported performance improvement as a means to better serve their communities and stakeholders.

Much like a traditional CPA firm can provide different types of services related to an entity’s financial statements, i.e., audit, review, or compilation, based on need, when government agencies are considering an independent evaluation of performance of their programs or operations, the CPA firm’s advisory or consulting arm can step in and offer a number of engagement types based on the agency’s unique needs: consulting services engagements, attestation engagements (e.g., agreed-upon procedures), and performance audits. It all depends on if, and at what level, assurance is needed. The primary driver of what type of product should be considered is typically based on, for instance, issue complexity, taxpayer concerns or expectations, statute requirements, or increased need for transparency on the efficiency and effectiveness of operations. While the driver of the engagement may differ, time constraints and budget are also determining factors.

This is the first article in a three-part series focusing on performance audits. The primary focus of this article is to discuss the differences of the three aforementioned types of engagements – consulting services, agreed-upon procedures, and performance audits – and to provide guidance when a performance audit might be an option.

It is important to identify the differences between (1) performance audits, (2) consulting services engagements, and (3) agreed-upon procedures attestation engagements. On numerous occasions throughout my government service career and also while serving clients, questions have come up regarding the objectives sought, the scope of the engagement, and the engagement type when considering an evaluation of performance for a particular program or area of operations. Each of these engagements differ in purpose and reporting requirements, as well as potential cost, as shown below in Figure 1.0. These engagements are governed by different standards, formal reports are not always required for each, and independence is not always required (i.e., consulting services).

Performance Audits Defined

Performance audits are defined as engagements that provide objective analysis, findings, and conclusions to assist management and those charged with governance and oversight to, among other things, improve program performance and operations, reduce costs, facilitate decision making by parties with responsibility to oversee or initiate corrective action, and contribute to public accountability. *1

Furthermore, GAGAS states that management and officials of government programs are responsible for providing reliable, useful, and timely information for transparency and accountability of these programs and their operations. Legislators, oversight bodies, those charged with governance, and the public need to know whether (1) management and officials manage government resources and use their authority properly and in compliance with laws and regulations; (2) government programs are achieving their objectives and desired outcomes; and (3) government services are provided effectively, efficiently, economically, ethically, and equitably. *2

Agreed-Upon Procedures (AUP)

Based on my experience, it usually comes down to identifying a few factors that determine the engagement. First, the agency must determine the purpose and scope of the work, specifically what questions they would like to have answered. These questions can be broad or very narrow. For example, in an AUP, management may make an assertion about whether a subject matter is in accordance with, or based on, established criteria that is the responsibility of a third party and hires a CPA to add credibility to that assertion by performing specific procedures to test compliance with the criteria. If an agency needs to know something very specific and wants an independent party to perform specific procedures and tell them what was found, then an AUP is appropriate. However, an AUP report does not provide recommendations, an opinion, or conclusion about whether the subject matter is in accordance with, or based on, the criteria, or state whether the assertion is fairly stated. While the agency may want to use an AUP, some key steps that are taken in consulting engagements and performance auditing, such as planning, are not required in an AUP engagement. Also, risk is not assessed in developing the scope, nor does the auditor use a risk-based approach, which is required in a performance audit. Finally, in an AUP, auditors do not perform sufficient work to be able to develop elements of a finding or provide recommendations.

1 See Paragraph 1.21 of GAGAS.
2 See Paragraph 1.02 of GAGAS.

Consulting Services Engagement vs. Performance Audit

For a consulting services engagement or performance audit, the initial questions are then turned into the objectives of the engagement. If the agency wants an objective review of operations or a program to assist them in making decisions, for example, to assess the management of specific funds, and wants findings and recommendations to improve operations, then the agency should discuss the options of a consulting services engagement or a performance audit. From here, the decisions are truncated. The agency needs to consider whether the report is for an internal audience, such as governing officials, management, or staff, or an external audience, e.g., a regulatory agency or the public. If the communication is intended for internal use, then a consulting services engagement with observations and recommendations may suffice. For these engagements, findings, recommendations, and a conclusion is provided to assist management in decision making. Or, an independent third party, such as a CPA or an internal auditor, may be asked to answer the engagement’s objectives to an external audience, in which case a performance audit may be more appropriate due to the need for an independent, objective report that can withstand scrutiny and is subject to peer review. Sometimes there isn’t a choice; some agencies are bound by the government code or local ordinance to conduct audits under GAGAS.

Performance audits are typically the more costly engagement type of the three, given the amount of work required to conduct an audit and adhere to stringent standards. As we’ll explore in later articles, performance audits conducted under GAGAS provide the highest level of assurance among the three options, based on the level of work required. These audits involve developing the required elements of a finding and the documentary evidence required for planning, fieldwork, and reporting. The amount of work involved is much greater than in consulting services engagements, where observations and recommendations will suffice. Consulting services engagements are not audits and, therefore, offer no assurance. Similarly, in attestation engagements, where only specific procedures are performed, no assurance is provided. *3

Conclusion

Having been on both sides of deciding what engagement to recommend, either for an agency I worked at or to a client, it’s important to discuss the level of work required for each engagement type, the number of hours required to do the work under the appropriate standard within a reasonable time period, and the available budget. Finally, and most importantly, clients should understand that performance audits and consulting services engagements each have their place and serve unique purposes. A performance audit offers independence and objectivity at a step above a consulting services engagement, and might be the best option if a rigorous audit of a program or agency is needed. This is where the consideration of the agency’s need is paramount. There may not always be the budget or time available to conduct a comprehensive performance audit, nor a need for an in-depth evaluation or a legislative requirement to do so. In these instances, a consulting services engagement is a good option, especially when time and budget are factors. A consulting services engagement can provide a sufficient report with recommendations and advice. However, it’s important to make the agency aware of the limitations of non-audit services. In addition, the audience of the final report product and any regulatory requirements should strongly influence the decision-making process.

Forthcoming articles in this series will drill down and focus in more detail on the professional standards associated with performance audits as compared to other types of engagements, “why” an agency would want a performance audit instead of a consulting engagement or an agreed-upon procedures engagement, when a performance audit would be recommended, what key factors should be considered, and what are the expectations of the audience of the report. The third article in this series will focus on the reporting elements of a performance audit and a sample performance audit report.

*3  Attestation engagement standards are covered in GAGAS Chapter 7, and include agreed-upon-procedures, reviews, and examination engagements. Attestation examinations have the highest level of assurance, as an opinion is given; not so for the others. Auditors may use GAGAS in conjunction with other professional standards such as American Institute of Certified Public Accountants (AICPA), International Auditing and Assurance Standards Board (IAASB), or Public Company Accounting Oversight Board (PCAOB) standards. For financial audits and attestation engagements, GAGAS incorporates by reference for AICPA Statements on Auditing Standards and Statements on Standards for Attestation Engagements. In addition, the AICPA promulgates the consulting standards. AICPA standard committees have taken the position that only the U.S. Government Accountability Office (GAO) sets performance audit standards.

CLICK HERE to download article from AICPA >

SOURCES OF INFORMATION AND DOCUMENTATION CONSIDERED

  • Government Auditing Standards, issued by the Comptroller General of the United States
    – July 2018 Revision (effective for performance audits beginning on or after July 1, 2019; effective for attestation engagements for periods ending on or after June 30, 2020; early implementation is not permitted)
  • United States General Accounting Office. Best Practices Methodology – A New Approach for Improving Government Operations. May 1995

About the Author

Scott Johnson has 35 years of experience in government administration, with a focus on successfully overseeing internal service operations including; debt management, information technology, human resources, municipal finance, and budget. He has led large and mid-sized operations for California government agencies including the cities of Santa Clara, Milpitas, San Jose, Oakland, and Concord and the County of Santa Clara. Scott is a past president of the California Society of Municipal Finance Officers (CSMFO) and a member of the AICPA Government Performance and Accountability Committee (GPAC). He is currently a partner with Macias Gini & O’Connell LLP (MGO), leading the Advisory Services sector specializing in State and Local Governments, based out of California. He welcomes any questions or comments via email: [email protected].

Greta MacDonald, MPA – Special recognition is given to Ms. MacDonald for her contributions and research for this article. Ms. MacDonald is a Director with MGO in the State and Local Government Advisory Services division. She has over 17 years of experience conducting over 35 performance audits in accordance with GAGAS, which is her specialization area.

Disclaimer: The views expressed in this article are those of the author and do not reflect the official policy or position of the GAO, AICPA, or Macias Gini & O’Connell LLP.