The Coronavirus Aid, Relief, and Economic Security (CARES) Act assigned the U.S. Department of Treasury Office of Inspector General (OIG) responsibility for compliance monitoring and oversight of the receipt, disbursement, and use of payments from the Coronavirus Relief Fund (CRF Payments). OIG has also been given the authority to recoup CRF Payments in the event OIG determines that a recipient did not comply with Treasury regulations governing the use of CRF Payments.
In exercising that authority, OIG has published a few letters in which it concludes that certain uses of CRF Payments did not comply with the Treasury’s guidelines. OIG found the following types of uses ineligible:
Given that the deadline for incurring expenditures that will be paid for using CRF Payments has passed, we can anticipate that OIG may begin undertaking audits of some Alaska Native corporations’ and Tribes’ use of their CRF Payments. The following is a summary of OIG-CA-21-004R, Coronavirus Relief Fund Prime Recipient Desk Review Procedures, dated May 22, 2021 (Desk Review Procedure). OIG’s Desk Review Procedure provides insight on the process during audits and the type of document and information requests that may be made.
1. Objective of Desk Review
OIG describes the objective of a “desk review” of a recipient’s use of CRF Payments as “evaluat[ing] the prime recipient’s documentation supporting the uses of CRF proceeds as reported in GrantSolutions, and assess[ing] risk of unallowable use of funds.” The desk review may or may not result in a site visit or a recommendation for an audit.
2. Scope of Review
The Desk Review Procedure states that the scope of a desk review may include a single quarter or multiple quarters, from the initial report through the quarter ending September 30, 2022. Therefore, a desk review may focus on a single quarter of expenditures, or include all of a recipient’s reported uses of CRF Payments.
3. Sources of Information
The Desk Review Procedure allows the OIG official conducting the review to rely on any available sources of information, including quarterly submissions to the GrantSolutions website, any Single Audit Act reports, and publically available information like statements in news articles, public postings on the internet, and other public documents. Indeed, OIG questioned Rhode Island based on a newspaper article in which Rhode Island’s governor suggested that the state was going to use CRF Payments to cover budget shortfalls.
As part of a desk review, OIG may also request and review “a judgmental sample of contracts, grants, loans, transfers to other governments, direct payments, and aggregate reporting,” evaluate “documentation and records used to support the quarterly submission(s),” conduct interviews with the personnel who submitted and certified the reports filed with GrantSolutions, and “conduct site visits to the prime recipient, as deemed necessary.”
Accordingly, while a desk review is not a formal audit, it has many of those characteristics, can be burdensome, and will require a coordinated response.
4. Selecting Desk Review Recipients
The Desk Review Procedure does not require each recipient of CRF Payments to be subject to a desk audit. Instead, it identifies several factors that OIG officials should consider when deciding which recipients to subject to a desk review. Those factors are:
- The recipient has exhibited a high degree of difficulty in the quarterly reporting process;
- The recipient has submitted one or more late quarterly reports; or
- The recipient has triggered a non-compliance status in one or more quarterly reports.
When a decision is made to initiate a desk review, OIG will then document the rationale for selecting that recipient for review.
Reducing submissions of late or faulty quarterly reports may reduce the likelihood of being selected for a desk review.
5. Desk Review Procedures
The Desk Review Procedure lays out a variety of steps that will be taken during a typical desk review. It also permits the OIG official conducting the desk review to “perform[] additional procedures or steps deemed necessary based on the prime recipient, the type of payment, and or [sic] other matters identified during the desk review and/or site visit.”
A. Notification. The first step is notifying the recipient that OIG will be conducting a desk review. This includes transmitting a “notification or engagement memorandum to the prime recipient’s authorized official explaining the purpose of the desk review.”
B. Initial Conference. After the notification is sent, OIG will “[s]chedule a mutually agreeable date for an entrance conference with the appropriate management official(s) where details of the desk review will be provided” and “[p]rovide a document request list for records supporting sample selection of contracts, grants, transfers made to other government entities, loans, direct payments, and payments to individuals selected for review.” Desk reviews are not conducted in secret. Recipients should know if OIG is conducting a desk review and receive notice of the procedures and scope of the review.
C. Grant Solutions Report Review. After the desk review notice has been sent, the OIG official conducting it will review the recipient’s GrantSolutions reports in an effort to identify “any unresolved reporting issues, variances between obligations and expenditures, insufficient descriptions provided for ‘Items Not Listed Above’ expenditure category, or other anomalies needing further review.”
D. Review of Other Audits. The OIG official will also review the results of any available Single Audit Reports, or other audits, including audits prepared by Government Accountability Office and other federal agencies. These audits will be reviewed “to identify internal control deficiencies that may pose a risk and/or impact the prime recipient’s quarterly reporting and compliance with uses of CRF proceed requirements.” In particular, the Desk Review Procedure directs OIG officials to review them for “audit findings that could have a potential effect on the recipient’s administration of CRF proceeds (e.g., cash management, segregation of duties, etc.),” including any response by management included in the audit and whether a corrective action plan has been identified.
E. Data Analytics Review. The Desk Review Procedure also directs the OIG official to perform a “data analytics” of the recipient’s GrantSolutions date, including analyzing the use of CRF Payments by expenditure category to “identify high dollar and unique expenditure types,” conducting a “trend analysis by expenditure category,” and identifying “anomalies within obligation and expenditure data, projects (if any), and sub-recipient population reported.”
F. Sample Reviews. The Desk Review Procedure also includes sampling as part of the review process. The OIG official conducting the desk review will “[s]elect a judgmental sample of payment type” to review, including potentially “consult[ing] with statistician to determine appropriate sample methodology and sample selection to review obligations and expenditures for payment types.” The reviewer should document the methodology and rationale for the sample selection.
The level of review of a particular payment selected using the sampling methodology will depend on the nature and size of expenditures, set as the six following categories.
(1.) Contracts Greater than $50,000
For contracts greater than $50,000, the desk reviewer is to:
- Record the dollar amount of the contract, the contract date, the period of performance, and any associated project;
- Determine if the documentation “sufficiently support[s]” the reported obligations, expenditures, dates, and expenditure category; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
(2.) Grants Greater than $50,000
For grants greater than $50,000, the desk reviewer is to:
- Record the dollar amounts of the grant and expenditures, the grant payment type (one-time payment or reimbursable), the grant date, grantee compliance/noncompliance, and any associated project;
- Determine if the documentation “sufficiently support[s]” the reported obligations, expenditures, grant payment type, and expenditure category;
- Determine if the documentation adequately describes circumstances for noncompliance; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
(3.) Loans Greater than $50,000
For loans greater than $50,000, the desk reviewer is to:
- Record the dollar amounts of the loan and expenditures, the loan date, and any associated project;
- Determine if documentation “sufficiently support[s]” the reported obligations and expenditures, the loan date, and the expenditure category;
- Determine if the loan repayment proceeds were used, or plan to be used for other Coronavirus Relief Fund allowable uses or returned to the Treasury, and (i) if repayments are returned to the Treasury, documentation supports the return, or (ii) if repayments are not returned, documentation shows how the funds are used or plans for use; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
(4.) Direct Payments Greater than $50,000
For direct payments greater than $50,000, the desk reviewer is to:
- Record the dollar amounts of the obligation and expenditures, the payment date, and any associated project;
- Determine if the documentation “sufficiently support[s]” the reported obligations and expenditures, the payment date, and the expenditure category; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
(5.) Aggregate Reporting for Projects
For “aggregate reporting,” i.e., projects whose expenditures are reported in the aggregate because each payment is less than $50,000, the desk reviewer will select a “payment type”—a contract, grant, loan, direct payment, or transfer— and then:
- Record the dollar amounts of the obligations and expenditures and the payment dates;
- Determine if the documentation “sufficiently support[s]” the reported obligations and expenditures and the payment dates; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
(6.) Aggregate Reporting for Payments to Individuals
For “aggregate payments to individuals,” i.e., programs that involve making direct payments to individuals whose expenditures are reported in the aggregate because each payment is less than $50,000, the desk reviewer is to:
- Record the dollar amounts of the obligations and expenditures and the payment dates;
- Determine if the documentation “sufficiently support[s]” the reported obligations and expenditures and the payment dates; and
- Identify if there are any internal control deficiencies identified in Single Audit and other audit reports that pose a risk.
G. Summary Memorandum. After completing the sample reviews, the OIG official will prepare a memorandum that summarizes their findings by each payment type category, as well as include an overall assessment of the recipient’s compliance with GrantSolutions reporting and uses of CRF Payment requirements. The desk reviewer will use the summary memorandum to determine whether to conduct a site visit or refer the recipient to a formal audit by OIG.
Site Visits. The Desk Review Procedures describes “site visits” as the “highest level of prime recipient monitoring.” Site visits may be initiated based on quarterly or desk reviews by OIG. Site visits may be conducted in person or virtually. OIG describes the purpose of site visits as “resolv[ing] desk review issues, allow[ing] the Treasury OIG to evaluate the status of projects and/or activities as selected, and apply[ing] the desk review procedures to an expanded scope for review.”
During an on-site visit, OIG will:
- Conduct an entrance interview with the recipient’s management officials, project personnel, or financial/accounting staff to “set the tone and establish expectations for the on-site visit;”
- Interview “key officials and staff” to discuss any issues or problems identified during the desk review;
- Potentially conduct interviews with sub-recipients;
- Perform the desk review procedure described above “on expanded scope of obligations, expenditures, payment type, or expenditure categories as deemed necessary;” and
- Conduct an exit conference with the recipient to discuss results and next steps.
When the site visit is concluded, OIG will document its analysis and conclusions and determine whether to refer the recipient for a formal audit by OIG.
H. Conclusion of Desk Review. Upon conclusion of a desk review (including a site visit, if any), the recipient should receive a memorandum from OIG notifying them of the results of the review and any next steps (i.e., an audit or no other action).
6. Conclusion
As the procedures describe above, a desk review generally will not be a comprehensive review of the recipient’s use of CRF Payments but will target a “sample” of programs and expenditures. However, the desk review has the potential to grow into a site review and/or a formal audit of all uses of CRF Payments. Accordingly, recipients should take any desk review seriously, and notification that a desk review is being undertaken warrants prompt and considered action and response. The Desk Review Procedures also highlight the need for continued documentation of expenditures of CRF Payments and warrant providing careful attention to detail when submitting reports to GrantSolutions, as problems and variances in GrantSolutions reporting could be the genesis of a desk review.
This article summarizes aspects of the law and does not constitute legal advice. For legal advice for your situation, you should contact an attorney.
|