UNDERSTANDING THE CONSEQUENCES AND SAFEGUARDS
ASSOCIATED WITH INTERNAL CONTROLS OVER COMPLIANCE
Requirements related to internal controls over compliance are becoming increasingly essential for nonprofit and governmental entities. Organizations who receive Federal awards are required to follow the compliance requirements in the Uniform Guidance, even if those organizations do not meet the requirements for a single audit. Additionally, they are responsible for establishing and maintaining effective internal controls over compliance. Having effective internal controls over compliance in place even if single audit requirements are not met will also ensure the organization is ready when they are. It is imperative that all entities receiving Federal funding are adequately trained to understand the compliance requirements as well as their role in implementing effective internal controls.
In 2016, a study was performed by the American Institute of Certified Public Accountants (AICPA), reviewing the quality of single audits performed. They randomly selected 87 single audits to review. Of those 87 audits, 25 lacked sufficient evidence that the firm tested internal controls around compliance requirements, 22 failed to document understanding of internal controls around compliance requirements, and 12 had no evidence of testing internal controls over compliance. As a result, auditors are being scrutinized more to ensure they are properly identifying and testing internal controls over compliance when performing single audits. Thus, it is important for nonprofit and governmental organizations to ensure those controls are in place. A lack of adherence to internal controls results in audit findings that must be reported, and the organization faces the potential for withdrawn funding.
To ensure compliance, the Uniform Guidance recommends all non-Federal entities follow the internal control procedures provided in the Standards for Internal Control in the Federal Government (the Green Book) or the Committee of Sponsoring Organizations (COSO) frameworks. Both the Green Book and COSO recommend the same five-component system outlined below.
A thorough assessment of the design, implementation, and operating effectiveness of each component and its principles will determine the system’s success. The lack of any single component or principle renders the system deficient. A more in-depth explanation and illustration of the framework is available through the AICPA’s website.
VonLehman’s team of nonprofit and governmental specialists can help ensure your organization is in compliance with the Uniform Guidance. Our team is adept at analyzing and correcting deficiencies related to Internal Controls for nonprofit and governmental entities. Our professionals will give you the peace of mind that allows you to focus on what matters most, your mission’s success. Contact us today at 800.887.0437 to learn how we can help your organization.