POST-AWARD FINANCIAL COMPLIANCE

1
POST-AWARD FINANCIAL COMPLIANCE

• Presented by
• Jerry Fife,
• Assistant Vice Chancellor for Research Finance,
  Vanderbilt University, jerry.g.fife_at_vanderbilt.edu
  
• Ted Mordhorst,
• Assistant Director for Post Award Compliance,
  University of Washington, tedm2_at_u.washington.edu

2
Introduction

• COMPLIANCE
• The legal and ethical conduct of sponsored
  projects or programs.
• This includes both the administrative and
  technical conduct of the project or program.

3
Workshop Goal

• Participants will
• gain a greater understanding of the post award
  compliance issues we all face.
• be provided with a tool for assessing and
  monitoring the various areas of compliance.

4
Compliance Why?

• Maintains relationship of TRUST with sponsors
• Provides for proper stewardship to safeguard
  investments in research.
• It is the right thing to do!

5
What are the Risk Factors?

• Withholding of future awards.
• Audit findings/cost disallowances
• Criminal, civil and administrative penalties.
• Loss of administrative flexibility.

6
What are the Risk Factors?

• Reputation with sponsors, donors, legislators,
  staff, faculty and students.
• Public embarrassment.
• Loss of public confidence.

7
Financial Mismanagement

• Incorrect reporting of time and effort.
• Not accounting for or reporting program income.
• Improper allocation of costs.

8
Financial Mismanagement

• Inconsistent/improper accounting of FA costs.
• Last minute cost transfers.
• Improper payments to subcontractors.

9
Federal Sentencing Guidelines

• One significant aspect of the Guidelines is that
  each organization is responsible for the wrongful
  acts of its employees as long as the employees
  were acting in their official capacity.
• The theory is that the organization shares a
  degree of culpability if an employee acts in an
  unlawful manner, even if the organization did not
  know of or approve of their actions.

10
Federal Sentencing Guidelines
Important factors upon which organizations will
be judged by the federal government include

1. the absence of proper internal controls,
2. knowing participation by high level management,
3. previous violations,
4. lack of anti-fraud procedures and
5. the absence of ethics training.

11
What can we do?

• Initiate or maintain a proactive compliance
  program.
• The NIH Office of Inspector General suggested
  compliance program guidelines.

12
NIH - OIG

• Compliance Program Guidance (CPG)for Recipients
  of NIH Research Grants
• The purpose of this guidance will be to assist
  organizations in preventing fraud and abuse and
  in better complying with Federal requirements. We
  anticipate that the guidance for recipients of
  NIH research grants will contain seven elements
  that we consider necessary for a comprehensive
  compliance program. These seven elements include

13
NIH OIG (continued)

• Implementing written policies and procedures that
  foster an institutional commitment to stewardship
  and compliance
• Designating a compliance officer and compliance
  committee
• Conducting effective training and education

14
NIH OIG (continued)

• Developing effective lines of communication
• Conducting internal monitoring and auditing
• Enforcing standards through well-publicized
  disciplinary guidelines

15
NIH OIG (continued)

• Responding promptly to detected problems,
  undertaking corrective action, and reporting to
  the appropriate Federal agency.
• NIH is also considering an eighth element,
  Defining roles and responsibilities and
  assigning oversight responsibility, '' that would
  include a discussion of the importance of
  effectively delegating oversight authority.

16
Where to Begin?

• Identify areas that most commonly result in
  non-compliance
• Review recent audit results.
• Review agency audit plans

17
DHHS PILOT AUDITS
The DHHS OIGs office plans to conduct pilot
audits at universities in five areas.

1. Direct Charging of Clerical and Administrative
   Salaries
2. Cost Transfers
3. Cost Sharing/Matching
4. Sub recipient Monitoring
5. Effort

18
Risk Management Plan

• Key component of institutional defense - due
  diligence.
• Used to mitigate institutional risk to an
  acceptable level.

19
Risk Assessment

• RISK An uncertainty that could impact the
  institutions ability to achieve its goals and
  objectives.
• Identify areas of Risk.
• Develop a Matrix
• Borrowed from the University of Texas at San
  Antonio web site with permission from Donna Holmes

20
The Risk Matrix

• In the left hand column, Identify activities with
  the greatest risk.
• Examples Allowable costs
• ?
• ?
• ?
• In the rows identify the risk factors.
• Example for allowable costs Costs charged to a
  grant are not allocable to the grant.

21
Areas used to Evaluate Risk level

• Balance size of population in dollars,
  (materiality).
• Size of area. Overall budgetary responsibility.
• Responsibility for federal funds.

22
Areas used to Evaluate Risk level

• Employee turnover.
• Level of automation.
• Extent of decentralization.

23
Areas used to Evaluate Risk level

• Segregation of duties.
• Applicability of external laws, regulations and
  terms conditions

24
Areas used to Evaluate Risk level

• Frequency of audit.
• Audit finding history
• Interest shown by outside constituents.

25
Basis for Determining Compliance

• Federal regulations OMB Circulars, FAR, etc.
• Award Terms Conditions
• Non-federal Terms Conditions
• Institutional Policies and Procedures, CAS
• Ethical Conduct

26
Monitoring Plan

• Area to be assessed
• Specific risks
• Risk Rating
• Regulatory Basis
• Institutional Policy
• Person Responsible

27
Monitoring Matrix

• Operating control
• Evidence of control
• Supervisory Control
• Evidence of control
• Oversight Control
• Evidence of control

28
Training Matrix

• Who to train
• Level of knowledge required
• Frequency
• Trainer
• Testing method

29
Reporting Matrix

• Activity to be reported
• Type of information to be reported
• Frequency of Reporting
• Recipient of report

30
Key Components

• Written Policies Procedures
• Assessment
• Training
• Anonymous reporting

31
Wrap-Up

• Questions?

32
Resources

• University Compliance web pages
• Agency OIG web pages
• NCURA and (SRA)