600 likes | 739 Views
P U B L I C S E C T O R. 2005 NASACT Annual Conference. KPMG LLP. Nancy Valley Partner National Industry Leader – Public Sector KPMG LLP
E N D
P U B L I C S E C T O R 2005 NASACT Annual Conference KPMG LLP Nancy ValleyPartner National Industry Leader – Public Sector KPMG LLP August 15, 2005
Agenda • Governance and Controls Trends in State & Local Government • AGA State & Local Government Research Sponsorship • Mission • Advisory Group • Survey • Demographics • Audit Committee • Internal Control Evaluation and Reporting • Certifications, Fraud & Whistleblower Protections • Corporate De-brief of S-O Results
Governance and Controls Trends in State & Local Government- Pressure to Take Action -
Government’s Reaction to Internal Control Standards “Government should lead by example, we should be as good or better than those we are regulating.” Comptroller General David M. Walker, June 2003, CFO Magazine
Government’s Early Implementator in Government and Non Profits • Federal Agencies • US Postal Service • Pension Benefit Guaranty Corp • Homeland Security • State Agencies • NY State Public Authorities • Pension Plans • Enterprise Funds/Component Units • Non-Profit – Significant Voluntary Adoption
Internal Control Enhancements at the Federal Level: OMB A-123 - Significant Revisions • Effective June of ‘06 • Establish and document a controls assessment process • No separate controls audit required, BUT permits OMB to require an audit • Establish a senior assessment team
What is driving the push toward S-O in government? • Government Accountability Office (GAO) and David Walker’s comments • Office of Management and Budget (OMB), management’s responsibility for internal control • Inquiries from rating agencies • Enterprise funds / public benefit corporations with cross-over board members
AGA/NASACT Research Project - Mission • The Association of Government Accountants and the National Association of State Auditors, Comptrollers, and Treasurers (NASACT) undertook a research project sponsored by KPMG. • The goal was to assess the current and future state of audit and internal control assessments in state and local government (SLG) and to evaluate whether improvement is needed. • Conducted by AGA staff with the assistance of NASACT staff • Advisory Group composed of SLG comptrollers and auditors
AGA/NASACT Research Project – The Advisory Group • State representation • Ernest Almonte – RI, State Auditor • Susan Driver – TX, Director of Internal Audit, Office of the Comptroller of Public Accounts • Auston Johnson – UT, State Auditor • Walter Kucharski – VA, State Auditor (Bill Cole) • Doug Ringler – MI, Director, Support Service Division, Office of Financial Management • M. Kathryn Ross – OR, Statewide Internal Control Officer, State Controller’s Division
AGA/NASACT Research Project – The Advisory Group • Local representation • Warren Ruppel – City of New York, Assistant Comptroller Comptroller’s Office • Albert Scaperotto – City of Philadelphia, Deputy City Controller • James A. Webster – Prince William County, Audit Director, Office of Executive Management
AGA/NASACT Research Project – The Survey • Title II of S-O – Auditor Independence • Section 201 – Non-Audit Services • Section 203 – Audit Partner Rotation • Section 204 – Auditor Reports to Audit Committees • Section 206 – Conflicts of Interest • Title III of S-O – Corporate Responsibility • Section 301 – Audit Committees • Section 302 – Corporate Responsibility for Financial Reports • Section 303 – Improper Influence on Conduct of Audits • Section 304 – Forfeiture of Certain Bonuses and Profits
AGA/NASACT Research Project – The Survey (cont’d) • Title IV of S-O – Enhanced Financial Disclosures • Section 404 – Management Assessment of Internal Controls • Section 406 – Code of Ethics for Senior Financial Officers • Section 407 – Disclosure of Audit Committee Financial Expert
AGA/NASACT Research Project – The Survey (cont’d) • Title VIII of S-O – Corporate Responsibility and Criminal Fraud Accountability • Section 802 – Criminal Penalties for Altering Documents • Section 806 – Protection for Employees who Provide Evidence of Fraud • Miscellaneous • Internal Control Framework • Best Practices
Survey Methodology • Total of 433 responses in all • Survey sent to 574 NASACT members, state auditors/ comptrollers/local auditors, generating 63 responses (11%). • Survey also sent to 1,305 of AGA’s state and local members, to a target group not covered by NASACT local controller types - but also allowed others to respond. • AGA received 369 responses, a response rate of 28%.
Survey Methodology • Population • NASACT, as administrative agent for the National Association of Local Government Auditors (NALGA), also maintains an e-mail address list for members of NALGA. • NASACT sent e-mails on 5/24 with the linked survey to all state auditors/state comptrollers and local government auditors that are members of NALGA. • An e-mail with the linked survey was also sent on 5/24 to a group of “ccs” maintained by NASACT - comprised of deputy auditors/comptrollers designated to be copied on information sent to principal state auditors/comptrollers.
Survey Methodology • Population • AGA targeted members who had described themselves as being either 1) state auditor types, 2) local auditor types, 3) state comptroller types (e.g., financial managers, or CFOs), or 4) local comptroller types. • Their mailings included an accompanying letter encouraging recipients to give the survey to others in their organization who may have had an interest in responding to the survey.
Respondent Summary • 43% of respondents classified themselves as representing a city or county • 47% of respondents classified themselves as representing a state organization (i.e., state or state entity). • 10% balance divided among: • School Districts (14), Colleges and Universities (7), Local Public Authorities (9), Local Public Utilities (3), Special Districts (12), and Other (8). • In “Other” category were a U.S. Territorial Government, Jt. Powers Agreement, Jt. Action Committee, an organization that classified itself as “city, county, and state,” pension and securities, PERS, 37 ActRetirementAssociationandL.A.’s Metropolitan Transit Authority.
Audit Committee: Does your entity have an audit committee? Yes No
AC: Does your entity have an audit committee, or equivalent body? • Of those who did not have an AC, 17% specified that they had an equivalent body, including:
Under what authority is the audit committee (or equivalent body) established? Law Regulation Policy Other • Others mentioned include: ordinances, laws and constitutions, charters, whether City, Board of Ed, AC, Mayor’s decision or Executive Order, etc.
Is your entity’s audit committee (or equivalent body) responsible for the following activities? Selection of the auditor Compensation of the auditor Oversight of the workof the auditor
Describe the composition of the audit committee (or equivalent body). • Responses on composition included: • Elected officials/designees • City council sub-groups • Mayor • Various board members • City Auditor • Audit Manager • City Supervisor
What policies and procedures does your entity have in place to ensure audit committee (or equivalent body) independence? • Sample responses: • Audit Committee Charter • State laws pertaining to Conflict of Interest • City Charter Mandate • Filing of Conflict of Interest forms • Oversight by County Board members • Independent Board outside of the regular employees • Mayor and Council are elected • Established by Law • Code of ethics • Mayor's Policy requires at least one external member to the City on committee
Does the AC (or equivalent body) include at least 1 member who is a financial expert, either in finance or accounting? Yes No
Does your entity require specific auditor reports to the audit committee (or equivalent body) on the following Yes a. The initial selection of and changes in significant accounting policies or their application? No b. The methods used to account for significant unusual transactions and the effect of significant accounting policies in controversial or emerging areas for which there is a lack of authoritative guidance or consensus (revenue recognition, off-balance sheet financing, and accounting for equity investments). Yes No c. Other significant written communications between the auditor and management, such as any management letter or schedule of unadjusted differences. Yes Yes No
Who does the audit of the entity’s annual financial report? A public accounting firm A government auditor Other
Is the financial statement auditor prohibited from providing the following non-attest services in addition to the audit? Information Systems Design? Bookkeeping? Yes Yes No No Management Consulting Services? Actuarial Services? Yes Yes No No
Does your entity require lead audit partner rotation every 5 years? Yes No
Is your financial statement auditor precluded from performing the audit if the CEO, controller, chief accounting officer, or equivalent, was employed by the auditor and participated in the audit during the preceding year? Yes No
Do you think that auditor rotation, auditor communications to audit committees and conflict of interest rules on prior employment by the auditor would benefit the public sector? Strongly Agree Agree Neutral Disagree Strongly Disagree
Does your entity have a requirement to evaluate and report on internal controls? Yes No
If yes to the previous question, under what authority is this report required? Law Regulation Policy Informal Practice Other (e.g., Management Decision)
Does your entity’s internal control report contain an assess- ment of the effectiveness of the internal control structure and procedures of the entity for financial reporting? Yes No
If a requirement was imposed on your entity to evaluate/certify the internal controls over financial reporting, would the additional cost of doing this over and above what you already have to do to comply with the requirements of the Single Audit Act outweigh the benefits gained? Yes No
If your entity has established an integrated internal control framework, is it based on guidance like Internal Control: Integrated Framework (the COSO Report of the Treadway Commission) or OMB Circular A-123? Please indicate which guidance your entity uses: COSO Standards Other State Law or Regulationbased on A-123 Do not have an integratedinternal control framework
Does your entity have a requirement that the principal executive officer(s) and the principal financial officer(s), or persons performing similar functions, certify the entity’s annual financial reports? Yes No (skip to question 45)
Has your entity adopted a code of ethics for senior financial officers? Yes No
Does your entity impose penalties for the destruction, alteration or falsification of records? Yes No
Does your entity have a provision in law or regulation that offers protection for employees who provide evidence of fraud? Yes No
Total Adverse Disclaimer 15 Day Delay 45 Day Delay 2,910 344 (11.8%) 17 329 70 Market Activity Recap – 12/31/04 10-K Filings (thru 4/21/05) • Big Four Clients 7.8 - 9.4% • Other Firm Clients 15.6%
Benefits: "Section 404 has the greatest potential to improve the accuracy and reliability of financial reporting" (SEC Chairman) Costs: "…concerns about the cost of 404 and whether is has created counterproductive, unintended consequences." (PCAOB Chairman) Strengthened control environments Enhanced corporate accountability More reliability and transparency "Catch up" on deferred maintenance Deficiencies re-mediated Market reacting rationally Year 1 costs higher than anticipated Costs ranges = 50-250% + FS audit Median range was 80-100% Total cost of compliance 75% managements assessment 25% audit cost Year 2 cost expected to decrease Costs and Benefits of Internal Control Assessments
Other Observations • 1st year 50%-100% cost of audit increases cited as most common complaint. While costs will decline, they won’t return to old levels. • That audit cost is in most instances only =<25% of the total organization wide costs. The more decentralized the controls, the higher the costs. This will be a governmental issue. • Many focused on the time spent and have not tied to use the work done to benefit the operations of the entity. Issue of controls are good and redundant controls are not better. Many redundant controls are in place with little benefit to the entity. • Budgetary controls are not considered to be as valuable as previously believed. Too easily subject to management manipulation. • No process to deal with component unit concept.