1 / 19

The Auditor’s Perspective

The Auditor’s Perspective. Sponsored Research Training Series Presented by: Joe Cannella (jciii@ufl.edu) Audit Director, Office of Internal Audit. Session Objectives. Obtain a general understanding of the research environment at the University of Florida from an auditor’s perspective.

dava
Download Presentation

The Auditor’s Perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Auditor’s Perspective Sponsored Research Training Series Presented by: Joe Cannella (jciii@ufl.edu) Audit Director, Office of Internal Audit

  2. Session Objectives • Obtain a general understanding of the research environment at the University of Florida from an auditor’s perspective. • Find out what university auditors consider to be high-risk issues in sponsored research administration and accounting. • Review some audits performed as well as a summary of common issues and findings including recent examples. • Discuss what an auditor’s role should be, and how you can be prepared for an audit.

  3. The University Environment • 2009-2010 resulted in 2,800 new awards and a record $678 million • University’s Strategic Goal is to be a “Top 10 Research University” • Increased complexity in fiscal management and compliance with pressures to maintain/reduce administrative costs and budgets • NIH is the largest source of external research funding ($160 million)

  4. University of Florida The Compliance Environment • Decentralized organizational structure including indirect management and supervision. College, Departments, Faculty may be involved. • DSR, Controller, and Central Contracts and Grants offices oversee some aspects of research compliance and administration. New Research Compliance Officer. • Policies, procedures and guidance based on federal rules. External sponsors and auditors setting expectations

  5. Three Lines of Defense Board of Director/ Audit Committee Senior Management 1st Line of Defense 3rd Line of Defense 2nd Line of Defense Financial Control External Audit Internal Audit Internal Control Operational Management Regulators Security Risk Management Quality Inspection Compliance

  6. Who are the Auditors • Office of Internal Audit (OIA) http://www.oia.ufl.edu/ • Large audit universe with the associated risk impacting the scope and emphasis of engagements. Audits and reviews may be related to financial, operational, or compliance objectives. • Emphasis on assisting management with improving internal controls and understanding risk. OIA is not the owner or manager of the controls. • Reports directly to the Audit Committee of the Board of Trustees • State of Florida Auditor General http://www.myflorida.com/audgen/ • Annual Audit of Compliance and Internal Controls Over Financial Reporting and Federal Awards (A-133) • Other Audits (Financial, Operational) • Other Offices for Federal Cognizant Agencies (Region IV) • Audits may be subcontracted to external parties • Scope can vary greatly

  7. The Audit Process Is an audit like a trip to the dentist? • Initial correspondence and/or information request • Audit planning and risk assessment • Entrance conference • Analysis of internal controls • Testing (fieldwork) • Exit conference • Report draft (CCCE) • Final report • Follow-up Painful? … Sometimes … Necessary? … Yes … Beneficial? … The Goal … (Use these chances for communication to your advantage)

  8. How are Specific Sponsored Projects Selected for Audit? • Financial Impact • Award amount • $ amount of expenditures in the audit period • Federal vs. Non-Federal • High priority usually given to federally sponsored projects • Active Projects vs. Closed • Depends on scope of audit, usually active projects are selected • “Nature” of Expenses • Salary, equipment, travel, subcontracts, administrative costs, types of supplies are reviewed. NSF attempting data analytics approach so they can “review” 100% of the transactions.

  9. Research Risks • Types of risk (Financial, Operational, or Compliance) • Research administration risks generally involve a heavy compliance element • Many new rules (see COGR regulatory changes since 1991) • External audit findings or lack of institutional controls can impact public perception and/or future funding • Potential criminal charges • Large settlements for major research universities • How to manage or mitigate risks (Control, Avoid) • Controls can be preventative (generally most effective) or detective • Controls at institutional and unit levels are expected by Sponsors • If controls are working they should identify issues • Danger is not taking action when you notice a problem

  10. Audit and Risk Areas Involving Sponsored Research • Administrative and Clerical Salaries (Indirect Costs) **√ • Animal Care and Resources, IACUC • Biosafety and Select Agents (accounting and security) *√ • Clinical and Transitional Science Awards (CTSA Program) * • Clinical Trials (Data and Safety and Monitoring Boards) **√ • Conflict of Interest (financial, technical, organizational, individual) *√ • Contract and Grant Accounting (Compliance with Cost Principles) **√ • Cost and Budget Transfers (A-21 Compliance) *√ • Cost Sharing, Indirect cost accounting ** √ Same rules as direct costs • Effort Reporting , Level of Commitment **√ • Extra Service / Compensation **√ Multiple jobs, summer, supplemental pay • Foreign / Export Controls √ • Funding and various sources of financial support (Color of Money)

  11. Risk Areas - Continued • HIPAA / Privacy of Information / Data Security *√ • Human Subject Research - Institutional Review Boards • Medical /Medicare Billing *√ • Participant Support Costs (NSF review) • Recharge / Service Centers ** √ • Recovery Act (accounting, reporting, compliance, electronic records) ** • Reporting (technical, financial, interim, final) √ • Research Administration (PI/departmental) √ • Research Integrity or Misconduct • Research Laboratories (EH&S) √ • Royalty Revenues, Intellectual Property and Technology Licensing • Subcontract Monitoring (NSF review) ** Identified in recent Federal work plans (ex: DHHS OIG 2012 Work Plan) √ Recent or planned OACR activity

  12. Recent OIA Audits • Research Administration • Cost Transfers • University-wide system audits and Control Self Assessment (Purchasing Cards) • Laboratory Safety • Contracts and Grant Billing and Reporting • Research Centers • Cost Sharing • Export Controls • Indirect Costs (UF) • Time and Effort Reporting

  13. Cost Transfers • Allowability • Justification A cost transfer moves costs from one account to another to correct an error, bill interdepartmental costs, or for other reasons associated with a department’s regular financial operations. • Cost transfers should not be used as a means for managing project funds • Cost transfers may be used to correct, reassign or redistribute costs between accounts (programs / cost objects / awards) • A description of the error • How it occurred • How it was discovered • Why one project (cost object) is more appropriate than the other (nonmonetary reasons) • Why it was not reclassified on a timely basis A good justification will allow anyone reviewing the cost transfer form to understand how the expense benefits the project and why the error occurred. Don’t leave it up to the auditor to imply why the transfer occurred.

  14. Auditor’s Perspective • Auditor’s perspective should be one of “fact finding”. Auditors are taught to have professional skepticism. • Should be independent and objective • An auditor is not a “compliance officer” or business manager • Scope and objectives are important (investigation – audit – review) • Documentation is key – especially for “red flag areas” or unusual transactions • Various audit reports and communication methods

  15. Internal Audit’s Role in Coordinating Federal or State Agency Audits • Assistance with information transmittal – get the right people involved • Ability to assist with timely and complete responses • Knowledge of Institution and its practices • Follow-up and communication after audit is completed

  16. What If You Are Audited? • Make sure proper people are involved early – may be able to reduce audit scope. • Confirm auditor/investigator’s authority. • Maintain proper conduct. Make sure staff are informed and professional. Proper tone and response may be key to how audit proceeds (Auditors are people, too). • Don’t leave the investigator unattended, and make records of what has been examined and copied. • Don’t expand the scope. • Follow-up after audit is completed. • Be alert. Auditors may not know the rules applicable to your project as well as you.

  17. What If You Are Audited? • Do not make the auditors do your work; pull the records for them. • Do tell the truth and answer questions honestly and directly. If you do not know the answer, state that you will need to get back with them. • Do not do the auditors' work for them; limit your response to the question being asked. • Call a central administrator if you ever feel uncomfortable about the way an audit is being conducted. • Do not tamper with or manufacture records.

  18. Brainstorming • OIA working with university to develop a guide to help units when audited • Discussion of unit best practices and experiences • Any concerns? • Feedback on presentation Being aware of the major risks facing sponsored research management, and developing processes and controls into your daily activities, will improve the audit process and help minimize risks to the University.

  19. Questions and Contact Info. • Contact Information: • Joe Cannella, Audit Director • jciii@ufl.edu or (352) 273-1893 • New OIA website: http://www.oia.ufl.edu/(Ask the Auditors) • Compliance Hotline: http://www.compliance.ufl.edu • Division of Sponsored Research: http://www.research.ufl.edu/research.html • Contracts and Grants: http://cg.cfo.ufl.edu

More Related