WHAT INSPIRES YOU, INSPIRES US.
Insights : Article

To Document or Not To Document That is the Question

By   Eric Berman

May 22, 2017

One of the major issues of federal grants and any other financial operation is what to document and when.   After all, in many cases, if a policy or procedure is not documented, does it exist?  Is it effective if it is not documented somehow?  When was the last time the policy was updated? (Hint: If the first two digits of the year are a “1” and a “9” it probably needs updating).  Is there a consolidated checklist of what is required to be document and when?  Unfortunately, the answer is ‘no’ as every operation is different.

Federal Operations and Documentation

The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Title 2 Code of Federal Regulations Part 200 – also known as the “Uniform Guidance,”) sets forth a number of provisions which are mandatory.  For example, organizations must establish and maintain effective internal controls over the federal award that provides reasonable assurance that the entity is managing the federal award in compliance with federal statutes, regulations and the terms and conditions of the federal award.  However, the entity should (meaning a best practice and not presumptively mandatory,) base internal controls on the Standards for Internal Control in the Federal Government (the Green Book) or the Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).  There is no expectation or requirement that an entity document or evaluate internal controls in accordance with the Green Book or the COSO, nor is there a requirement to reconcile to that guidance.

However, audit standards require sufficient appropriate audit evidence to support management’s assertions that internal controls are effective and operating.  Therefore, some form of documentation is required. 

Compensation is also a key area of documentation.  At a minimum, to adequately substantiate compensation, information must:

  • Be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable, and properly allocated.
  • Reasonably reflect the total activity for which the employee is compensated by the nonfederal entity, not exceeding 100% of compensated activities.
  • Comply with the established accounting policies and practices of the nonfederal entity
  • Support the distribution of the employee’s salary or wages among specific activities or cost objectives if the employee works on more than one federal award; a federal award and nonfederal award; an indirect cost activity and a direct cost activity; two or more indirect activities which are allocated using different allocation bases; or an unallowable activity and a direct or indirect cost activity.

Absent any of this documentation, personnel activity reports may be required, including prescribed certifications or reports that support the records.  Budgets are not enough support for federal charges.

Nonfederal Documentation – Based on the COSO Framework

Federal operations and documentation is very similar to the basics of required documentation for all operations.  After all, internal controls are based on the COSO Framework. 

The COSO Framework indicates there may be instances where an entity might not explicitly document an objective.  However, they should be understood by the people who are working toward achieving them.  The objectives frame internal controls of any entity.

The level of documentation depends on the organization’s objectives.  The more complex the operations, assets, reporting and compliance, the greater the documentation.

Conclusion

Sufficiency of documentation is often in the eye of the beholder.  There are templates available for organizations, including many freely available on the internet.  For example, a college may look at another college’s documented policies and procedures by doing a simple search.  But when was the last time those were updated? Does the other college’s operations match the college’s own operations?

Organizations should start with an organizational chart.  Behind the chart should be policies, procedures, job descriptions and alignment to the objectives of the organization.  If the elements are written, they should be readily accessible by any person who may need to refer to them.  They should be secured with changes approved by at least management.

For federal awards, the Office of Management and Budget (OMB) Matrix of Compliance Requirements includes documentation of all internal controls supporting those requirements as detailed in the federal award.  Compliance requirements are detailed in the federal award, including required documentation.  A cataloguing of those requirements and required documentation for the organization is a great place to start, along with the checklist of items on the next few pages.

For further information, please contact your Eide Bailly LLP Partner.

 

CHECKLIST OF MANDATORY AND BEST PRACTICES / PRESUMPTIVELY MANDATORY DOCUMENTATION

Section / Reference

Element(s)

Must (Mandatory)

Should (Best Practice if involving federal awards, Presumptively Mandatory in COSO Framework)

Title 2, CFR Part 200.112

Disclosure of conflicts of interest to federal awarding agency or pass-through-entity in accordance with federal agency policy

 

Title 2, CFR Part 200.113

Disclosure of all violations of federal criminal law involving fraud, bribery, or gratuity violations potentially affecting the Federal award

 

Title 2, CFR Part 200.201

Certification of completion of a project in accordance with terms of federal award or if the project was not completed why.  Also documentation of changes in principal investigator, project partner or scope of effort with evidence of approval from the federal agency or pass-through entity.

 

Title 2, CFR Part 200.302

Documentation regarding identify the source and application of funds for federally funded activities

 

Documentation regarding effective control over and accountability for all funds, property and other assets

 

Documentation regarding cash management requirements / compliance

 

Documentation regarding allowable cost determination in accordance with cost principles and terms and conditions of federal awards

 

Title 2, CFR Part 200.303

Establish and maintain effective internal controls over the federal award that provides reasonable assurance that the entity is managing the federal award in compliance with federal statutes, regulations and the terms and conditions of the federal award

 

FAQ 200.303-3

Internal control systems based on Standards for Internal Control in the Federal Government (the Green Book) or the Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)

 

Title 2, CFR Part 200.306

For federal draws in advance, evidence of procedures that minimize time between the transfer of funds and disbursement of funds and other cash management procedures indicating prior federal / pass-through entity approval and separate accounting.

 

Title 2, CFR Part 200.308

For budgetary revisions, evidence of prior written approval

 

Title 2, CFR Part 200.311

For disposal of federally funded real property, disposition instructions needed from pass-through-entities, if applicable

 

Title 2, CFR Part 200.312

For federally owned and exempt property – annual inventory listing of property in custody (being used by nonfederal entities but funded by federal entities)

 

Title 2, CFR Part 200.313

Property records showing the use of federally funded equipment in accordance with grant award terms and conditions, unless exempted due to materiality

 

Title 2, CFR Part 200.317-.321

Documentation of procurement provisions including whether the entity deferred election of sections .317-.321 to July 1, 2017

 

Title 2, CFR Part 200.318

Documentation of conflict of interest policy

 

Title 2, CFR Part 200.318(a)

Documentation if following state / local procurement standards if more stringent than federal standards

 

Title 2, CFR Part 200.331

Documentation of monitoring and risk assessment made of subrecipients

 

Title 2, CFR Part 200.331(a)

Documentation of key terms / conditions of federal award to subrecipient

 

Title 2, CFR Part 200.333

Financial records, supporting documents, statistical records, and all other non-Federal entity records pertinent to a Federal award retained for a period of three years from the date of submission of the final expenditure report or, for Federal awards that are renewed quarterly or annually, from the date of the submission of the quarterly or annual financial report, respectively, as reported to the Federal awarding agency or pass-through entity in the case of a subrecipient, with certain exceptions.

 

Title 2, CFR Part 200.430

Documentation supporting compensation elements that is supported by a system of internal controls, reflect the total activity for which the employee is compensated, in compliance with established accounting policies and practices of the entity and support the distribution of salary / wages among activities / cost objectives if working on more than one program

 

Title 2, CFR Part 200.437

Documented policies for the improvement of working conditions, employer- employee relations, employee health, and employee performance if claimed as reimbursable costs

 

Title 2, CFR Part 200.440

Adequate source documentation of exchange rate costs if seeking reimbursement

 

Title 2, CFR Part 200.474

Various supporting documentation for travel costs if reimbursed by federal awards if consistent with entity’s documented travel policy

 

Title 2, CFR Part 200.508

Supporting documentation as required for audits

 

Title 2, CFR Part 200.511

Documentation addressing prior audit findings

 

COSO Framework

Policies and procedures supporting objectives effecting internal controls

 

COSO Framework

Documentation supporting consistency in adherence to practices, policies and procedures

 

COSO Framework

Documentation capturing the design of internal controls

 

COSO Framework

Documentation supporting training of staff / management on internal controls

 

COSO Framework

Evidence of internal control and proper monitoring when required by regulators / customers for evaluation by auditors

 

COSO Framework

Documentation supporting business continuity / disaster recovery (if tested, results of the tests, findings and adjustments needed)

 

OMB Compliance Supplement

Documentation supporting compliance requirements as applicable