For the third year in a row, an independent audit of CNCS’s National Service Trust Fund Fiscal Year 2019 financial statements resulted in a disclaimer of opinion, the worst possible outcome for a financial statement audit. CNCS cured none of the three material weaknesses and one significant deficiency, which were first identified in the FY 2017 audit.
In short, CNCS’s financial statements were unauditable and CNCS was unable to support some of its largest transactions and liabilities. The financial statements published by CNCS likely contain widespread material errors and should not be relied upon.
Key audit findings were:
- Disclaimer of Opinion: CNCS was unable to provide adequate evidential matter to support a significant number of transactions and account balances due to inadequate processes and controls to support transactions and estimates and incomplete records to support accounting for transactions in accordance with the generally accepted accounting principles. The independent auditors were unable to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion. In addition, CNCS did not provide the documentation necessary for the auditors to assess the accuracy and completeness of certain year-end balances.
- Material weaknesses and significant deficiency in CNCS’s internal control over financial reporting included:
o Material Weaknesses:
- Internal Controls Program: The system of internal controls failed to identify numerous and pervasive material weaknesses that the auditors found in financial reporting and in specific material line items on the financial statements;
- Financial System and Reporting: CNCS’s financial reporting was hindered by limitations in its financial system and the timing and difficulties arising from insufficient accounting staff and inadequate internal controls;
- Trust Obligations and Liability Model: There were inconsistencies between the assumptions used and how those assumptions were applied in the estimation of the Trust obligations and liabilities. The revised Trust model used to establish the liability included calculation errors and lacked quality controls, which impair significantly the accuracy of the reported liability;
o Significant Deficiency:
- Information Technology Security Controls: Auditors found new and recurring weaknesses in the information security program with respect to configuration management, access control and security management.
- An instance of noncompliance with provisions of laws and regulations with respect to Single Audits, which could have a direct and material effect on financial statement accounts and disclosures. CNCS did not adequately monitor the effectiveness of nor fully develop performance metrics to track the CNCS single audit monitoring process.
The audit report made 37 recommendations to CNCS, including immediate corrective actions to address pervasive material weaknesses and significant deficiency.
CNCS’s response asserts that it has “invested significant time and effort . . . responding to previous audit recommendations” and “continues to demonstrate its commitment to improving financial management reporting and operations.” Though stating that CNCS “partially concurs with the conditions and recommendations in the report,” CNCS did not respond to specific findings. The sole exception concerns the National Service Trust, where CNCS’s response reflects a misunderstanding of the auditors’ concern, which CNCS-OIG will remedy. Finally, CNCS notes that it will be migrating to shared services for accounting at the beginning of FY 2021 and “will incorporate [the auditors’] recommendations where appropriate.”
The independent accounting firm of CliftonLarsonAllen LLP, performed the audit of the CNCS’s National Service Trust Fund FY 2019 financial statements, under contract with CNCS-OIG.