Internal Control

Internal Control

Sound Check Audio is available via the Internet: Please be sure your— computer is un-muted, your speakers are on & your volume is turned up

Treatment of Recovery Act Funds Internal Control processes and procedures for ARRA funds follow the same guidelines, rules and regulations that apply to other ED grants for Government Organizations (State and Local Government Agencies)

Learning Objectives • Define & explain internal controls • Benefits • Roles and responsibilities • Internal controls & program objectives • Key components in assessing controls • Deficiencies and material weaknesses

Internal Control “…comprises the plans, methods and procedures used to meet missions, goals and objectives, and in doing so, support performance-based management. It includes the processes for planning, organizing, directing, controlling and reporting on operations.” Results via effective stewardship

Origins of Internal ControlsKey Legislation/Guidance • Federal Managers Financial Integrity Act (FMFIA) • OMB Circular A-123 • GAO Standards for Internal Control in the Federal Government • GAO Internal Control Self-Assessment Tool

Who Is Responsible? • Finance • Security • Accounting • Procurement • Project Personnel “Management should ensure that all personnel in the organization … know their roles and responsibilities… …it is every user’s responsibility to safeguard the information to which they have access, making security the job of every City employee.”

When Do You Utilize Internal Control? CONTINUALLY! Built in to each system Regulate & guide operations “…as the organization evolves the security structures will change as well. With this in mind, the computer security is not a one-time task, but a continual effort to improve data protection.”

Why Internal Control? …is the first line of defense in safeguardingassets and detecting and preventingerrors and fraud. …helps achieve desired results through effective stewardship of public resources. “Audit results indicate there is an increased risk to system vulnerabilities due to weak administrative, physical and logical security controls...”

Common State Finding Violation Unallowable costs Recommendation Return $1.3M Document $52M or return funds Outcome High-risk designation & special conditions

Common School District Findings Violation Fraudulent contracts, false invoices, embezzlement Outcome Home searched by FBI, property & assets seized, incarceration, probation, repay $92,000

Mandatory IG Reporting Agencies must include in all grants “the requirement that each grantee or sub-grantee awarded funds made available under the Recovery Act shall promptly refer to an appropriate inspector general any credible evidence that a principal, employee, agent, contractor, sub-grantee, subcontractor, or other person has submitted a false claim under the False Claims Act or has committed a criminal or civil violation of laws pertaining to fraud, conflict of interest, bribery, gratuity, or similar misconduct involving those funds.” 1-800-MISUSED OIG.HOTLINE@ED.GOV FAX 202-260-0230

Transparency & Accountability • Efficient • Economical • Effective • Ethical • Equitable RESULTS! Federal Funding Accountability & Transparency Act

Standards of Internal ControlsFive Standards of Effective Controls • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring

Monitoring C o n m o Control Activities i m t a u m n n i r o c o n a i f t t n i o a I o i c t n i a n m u r m o f m Risk Assessment n I o C Standards of Internal ControlsControl Environment • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring Control Environment

Standards of Internal ControlsControl Environment Factors - Examples

Standards of Internal ControlsRisk Assessment • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring Monitoring C n o o m i Control Activities t m a u n m n r o i o n i c f t a o n a t I i i c t o i a n n m u r m o f Risk Assessment m n I o C Control Environment

Standards of Internal ControlsRisk Assessment – Risk Identification • What could go wrong? • How could we fail? • What must go right for us to succeed? • Where are we vulnerable? • What assets do we need to protect? • Do we have liquid assets or assets with alternative uses? • How could someone steal from the organization? • How could someone disrupt our operations?

Standards of Internal ControlsRisk Assessment – Risk Identification Methods • Management conferences • Executive round tables • Forecasting and strategic planning • Consideration of findings from audits and other assessments

Standards of Internal ControlsRisk Assessment – Risk Management Once risks are analyzed, consider how to: • Manage risks; i.e., accept, mitigate • How to schedule periodic re-evaluation of risks and evaluation of the effectiveness of risk mitigation mechanisms; i.e., control activities

Standards of Internal ControlsControl Activities • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring Monitoring C n o o m i Control Activities t m a u n m n r o i o n i c f t a o n a t I i i c t o i a n n m u r m o f m n Risk Assessment I o C Control Environment

Standards of Internal Controls Control Activities – Example Control Activities • Approvals (proper person) • Authorization (proper usage) • Verification • Reconciliation • Independent checks on performance • Access controls • Recording/documenting

Standards of Internal ControlsControl Activities – Factors to Consider

Standards of Internal ControlsControl Activities – Types of Controls

Standards of Internal ControlsInformation and Communication • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring Monitoring Information Communication Control Activities Information Communication Risk Assessment Control Environment

Standards of Internal Controls Information and Communication What information should be communicated? • Performance data • need to determine progress towards organization’s mission and vision • Operational data • need to determine organization's compliance with laws and regulations • Financial data • need to develop financial statements, budget reports, and other accounting based data

Standards of Internal Controls Information and Communication • Forms of communication: • Performance management systems • Information systems • Policy & procedures manuals • Management directives • Memos & emails • Internet & Intranet • Speeches & briefings • “Grapevine”

Standards of Internal Controls Information and Communication Factors Factors to be considered • Internal and external information on operational performance provided to management • Information distributed to the "right" people • Effective internal communications • Effective external communications • Diverse organization information systems

Standards of Internal ControlsMonitoring • Control environment • Risk assessment • Control activities • Information and communication • 5. Monitoring Monitoring C n o o m i Control Activities t m a u n m n r o i o n i c f t a o n a t I i i c t o i a n n m u r m o f m n Risk Assessment I o C Control Environment

Standards of Internal ControlsMonitoring Factors Factors to be considered: • Monitoring should be ongoing • Separate evaluations take place • Findings are resolved

Standards of Internal ControlsMonitoring Ongoing Examples • Monitoring of grantees by reviewing and using the Single Audit reports to help assess grantee performance • Monitoring contractor performance against terms and conditions of contract • Monitoring usage of cell phones, purchase/phone cards Source: U.S. Department of Education

Standards of Internal ControlsMonitoring Factors Factors to be considered • Monitoring should be ongoing • Separate evaluations take place • Findings are resolved

Standards of Internal ControlsExamples of Separate Evaluations • U.S. Department of Education • Financial statement auditors • Peer reviews • Inspector General/Public Auditor • Management control reviews

Standards of Internal ControlsMonitoring Factors Factors to be considered: • Monitoring should be ongoing • Separate evaluations take place • Findings are resolved

Internal Control - Recap • Who – Everyone • What – Procedures to help meet goals • When – All the time • Where – Everywhere • Why – Avoid mistakes – ACHIEVERESULTS!

Resource Documents EDGAR §80.20 http://www.ed.gov/policy/fund/reg/edgarReg/edgar.html Internal Control and Management & Evaluation Tool http://www.gao.gov/new.items/d011008g.pdf Standards for Internal Control in the Federal Government http://www.gao.gov/special.pubs/ai2131.pdf

Resource Documents Monitoring Tools http://www.agacgfm.org/intergovernmental/resources.aspx Federal Managers Financial Integrity Act of 1982 http://www.whitehouse.gov/omb/financial_fmfia1982/ OMB Circular A-123 http://www.whitehouse.gov/omb/circulars_a123_rev/

ARRA Contact Information State Fiscal Stabilization Fund: State.Fiscal.Fund@ed.gov, Subject = ARRA Title I, Part A Grants to LEAs: oese@ed.gov, Subject = ARRA IDEA, Parts B & C: IDEARecoveryComments@ed.gov Voc-Rehab, Independent Living Services & Centers for Independent Living: RSARecoveryActComments@ed.gov Impact Aid: impact.aid@ed.gov ED-OIG Hotline: oig.hotline@ed.gov, 1-800-MIS-USED General Info: 1-800-USA-LEARN (1-800-872-5327) For archived and future web conferences see - http://www2.ed.gov/policy/gen/leg/recovery/web-conferences.html

Questions Answers Further questions- ED contact listed on the Grant Award Notification or email RMSCommunications@ed.gov

Thank you for attending! Please complete an evaluation- Your feedback is important. http://www2.ed.gov/policy/gen/leg/recovery/rms-web-conferences.html

Internal Control