Corporation for National and Community Service Office of Inspector General
FY 2021 Audit Section Work Plan
The Inspector General Act of 1978, as amended, authorizes the Office of Inspector General for the Corporation for National and Community Service (CNCS-OIG) to conduct and supervise independent audits other reviews relating to agency programs and operations and to recommend policies that promote effectiveness and efficiency and prevent and detect fraud, waste, and abuse. This work plan lists our required and planned discretionary audit and evaluation projects for Fiscal Year 2021. CNCS-OIG may modify the plan to address issues that arise or to respond to requests from Congress or other stakeholders.
Audits Required by Law
Audit of Agency Financial Statements
Under the Government Corporation Control Act, AmeriCorps annual agency management report must include financial statements that have been audited by an independent public accounting firm under the supervision of CNCS-OIG. The audit covers the financial statements of AmeriCorps and of the National Service Trust, including an assessment of the effectiveness of AmeriCorps’ internal controls for financial reporting.
For FYs 2017, 2018 and 2019, the independent auditors were unable to validate that the financial statements were fairly and accurately presented, and they disclaimed any opinion on the financial statements. They also identified pervasive material weaknesses in the agency’s financial systems and practices.
In consultation with CNCS-OIG, AmeriCorps determined in FY 2019 that the most efficient way to address many of the findings, material weaknesses, and recommendations in the prior-years’ financial statement audit reports was to engage an experienced shared services provider to manage the agency’s accounting and financial reporting. AmeriCorps contracted with the Administrative Resource Center (ARC), within the U.S. Department of the Treasury, to assume these responsibilities. Preparations for the transition to shared services consumed the attention of AmeriCorps administrative personnel during FY 2020, and AmeriCorps recognized that it could not make significant progress on the issues identified until the transition took place. Therefore, AmeriCorps acknowledged that, if CNCS-OIG were to audit the FY 2020 financial statements, the results would be substantially the same as in the prior year: a disclaimer of audit opinion, nine material weaknesses, and unimplemented recommendations.
As a result, we did not conduct a full-scope audit of AmeriCorps’ FY 2020 financial statements, which allowed AmeriCorps to focus its limited resources on the move to shared services. Instead, CNCS-OIG expanded the scope of its FY 2020 FISMA audit to cover AmeriCorps’ critical Momentum system, the cybersecurity of which would otherwise be included in its financial statement audit,and initiated a specific performance audit of underlying data in support of its National Service Trust Obligation and Liability Model and internal control program.
In FY 2021, CNCS-OIG will conduct a full-scope audit of AmeriCorps’ financial statements, in part to determine the extent to which the migration to shared services has cured the weaknesses identified in the prior audits.
Audit of the National Service Trust
The Strengthen AmeriCorps Program Act of 2003 requires an annual independent audit of the National Service Trust, the repository for monies set aside to fund educational benefits earned by AmeriCorps members through their service. This audit is performed in conjunction with the financial statement audit. The Trust Audit examines whether Trust obligations are recorded in a timely manner, whether the amount of the Trust obligation is appropriately based on the estimated value of the education benefit, and whether the required reserve account is maintained to meet the needs of the Trust. Since FY 2017, the independent auditors have found material internal control weaknesses relating to the Trust’s unpaid obligations and the Trust liability model, leading to a disclaimer of opinion on the Trust audit and contributing to the disclaimers of opinion on AmeriCorps’ financial statements.
As noted, AmeriCorps acknowledged that the same results would occur if the Trust were audited in FY 2020. Therefore, CNCS-OIG elected to forgo a full-scope audit of the Trust in FY 2020. Instead, we initiated a specific performance audit in FY 2020 to validate corrective actions taken toward the Trust model methodology.
In FY 2021, CNCS-OIG will undertake a full-scope audit of the Trust.
Independent Evaluation of AmeriCorps’ Information System Security
The Federal Information Security Modernization Act of 2014 (FISMA), as amended, requires an annual review to determine the effectiveness of AmeriCorps’ information security program and practices, as well as its compliance with information security policies, standards, and requirements established by the Office of Management and Budget (OMB). AmeriCorps’ information security program has been assessed “Not Effective” in each of the past three years and has made little progress in that time.
Our assessment of AmeriCorps’s information security program in FY 2021 will use the maturity model in effect across the Federal government and will review the status of corrective actions taken to implement the recommendations from prior audits.
Review of Improper Payments
The Improper Payments Elimination and Recovery Act (IPERA), as amended, together with implementing guidance by OMB, requires CNCS-OIG to conduct an annual review of AmeriCorps’ reporting on improper payments and to evaluate its efforts to prevent, reduce and recover such payments. In FY 2021, CNCS-OIG will initiate a performance audit of AmeriCorps’ FY 2020 IPERA work.
Digital Accountability and Transparency Act Compliance Audit
The Digital Accountability and Transparency Act of 2014 (DATA Act) requires Federal agencies to submit quarterly financial and award data for publication on USASpending.gov. OMB and U.S. Department of Treasury established standards for Federal agencies to use 57 data elements in reporting its financial and award information. The DATA Act also requires the OIG of each Federal agency to audit a statistically valid sample of the data submitted by its agency. These audits take place every two years. Each OIG reports on the completeness, accuracy, timeliness, and quality of the data elements sampled, as well as its agency’s compliance with government‐wide financial data standards.
As we reported for FYs 2017 and 2019, AmeriCorps did not fully comply with the DATA Act due to weaknesses in its existing financial reporting system (internal control over source systems) and internal control weaknesses within financial reporting, data management, and data reporting processes. In FY 2021, CNCS-OIG will audit the agency’s implementation of corrective actions and efforts to become fully compliant with the DATA Act.
Review of Charge Card Abuse and Prevention
Pursuant to the Government Charge Card Abuse Prevention Act of 2012 (Charge Card Act), Public Law 112-194, and OMB Memorandum M-13-21, Promoting Efficient Spending to Support Agency Operations, CNCS-OIG conducts an annual risk assessment of AmeriCorps’ controls over its purchase cards and travel cards, to determine whether a more extensive audit is required.
Review of Grant Closeout
The Grants Oversight and New Efficiency Act (GONE Act) requires Federal agencies to report the status of, and efforts towards, the timely closeout of completed grants. The Inspector General of an agency that funds more than $500 million in grants annually must conduct a risk assessment to determine whether an audit or review of the agency’s grant closeout process is warranted.
We have deferred a detailed audit or review of AmeriCorps’s grant closeout process pending completion of the current agency-wide reorganization of grants management, which may alter grant closeout practices and performance. We will continue to monitor the grant closeout process through the review of AmeriCorps’s corrective actions relating to this material weakness and Office of Chief Risk Officer’s (OCRO) internal control assessment work. Depending on the results, and the status of AmeriCorps’s new grant management process, we will decide whether an audit or review is needed in FY 2021.
Discretionary Audits and Reviews
Performance Audit on AmeriCorps’ Internal Control Program Testing
We will complete a performance audit to assess the effectiveness of AmeriCorps’ Internal Control Program and its compliance with OMB Circular No. A-123, Management's Responsibility for Enterprise Risk Management and Internal Control. This will include the policies and procedures and methodology employed by OCRO in its limited testing of AmeriCorps’ operational controls in FY 2020.
Performance Audit regarding AmeriCorps’ National Service Trust Obligation and Liability Model
We will initiate a performance audit to evaluate the validity, accuracy, and sensitivity of data supporting AmeriCorps’ FY 2020 National Service Trust Obligation and Liability Model. The performance audit of AmeriCorps’ National Service Trust Obligation and Liability Model (TOLM) will focus on the underlying data supporting the model. The results will also inform the full-scope audit of the Trust in FY 2021.
Special Review of Subrecipient Monitoring
A pass-through grantee, which makes subawards to non-Federal organizations to carry out part of a Federal program, is responsible for monitoring the activities of subgrantees to ensure that funds are used for authorized purposes, and in compliance with applicable requirements and the terms and conditions of the subaward. Subgrantee monitoring is vital to protect the integrity of Federal funds, and AmeriCorps relies on pass-through grantees to perform this critical function.
During FY 2020, we initiated a special review to analyze pass-through grantees’ subrecipient monitoring practices. We surveyed 19 pass-through grantees and solicited documentation regarding the planning, execution, and reporting of their subrecipient monitoring activities for FYs 2018 and 2019. We will compile and analyze survey results to identify trends in subrecipient monitoring practices. We will also analyze findings from our prior audits and agreed upon procedures reviews to identify and incorporate previous findings and recommendations with respect to subrecipient monitoring activities.
Evaluation of AmeriCorps National Civilian Community Corps COVID 19 Protocol
AmeriCorps National Civilian Community Corps (NCCC) is the agency’s only residential program, in which teams of members partner with local and national organizations to complete hands-on projects in designated regions of the country. The members, who are 16-24 years of age, reside at one of four regional campuses located in Vinton, Iowa (North Central Campus); Sacramento, California (Pacific Campus); Vicksburg, Mississippi (Southern Campus); and Aurora, Colorado (Southwest Campus).
In March 2020, NCCC campuses closed due to the COVID 19 pandemic and work on the program was temporarily paused. NCCC began returning team leaders and certain members to campuses to assist with national service activities in late May 2020. As of October 2020, all campuses have now resumed in-person activities.
CNCS-OIG will conduct an evaluation of the National Civilian Community Corps’ (NCCC) COVID 19 protocol to return members to its four regional campuses during calendar year 2020. Our evaluation will be conducted in accordance with the Council of Inspectors General on Integrity and Efficiency Quality Standards for Inspections and Evaluations.
Report on AmeriCorps Management Challenges
To assist agency leadership, CNCS-OIG will update its prior report on the top management challenges facing AmeriCorps. There have been significant changes in the past four years, including the consolidation of grant management into eight regional hubs and the combination of program and grant officer positions into the position of portfolio manager. In addition, AmeriCorps has contracted with a shared services provider for travel, transferred procurement and financial accounting services. Other important systems remain unchanged, however, including the legacy grants management information system.
Adequacy of Senior Corps Grantees’ Financial Management Systems
Our audit work continues to find grantees whose financial management systems and practices are not sufficient to manage Federal funds and required matching funds in accordance with the grant terms and conditions and Uniform Grant Guidance requirements. We will review the process by which AmeriCorps evaluates the financial management systems of Senior Corps grantees and grant applicants. We will also select a mix of new and experienced Senior Corps grantees for an in-depth examination of their financial systems and related policies and practices.
Grants account for 75 percent of AmeriCorps’ operating budget, placing a premium on monitoring and oversight. Audits that focus on grantees are an important component of ensuring that Federal funds are handled prudently and in compliance with applicable requirements. Grantees are selected for audit based on input from AmeriCorps, issues identified during monitoring and risk assessments, recent CNCS-OIG experience, single audit results, and other risk factors. CNCS-OIG plans to initiate an audit of the Puerto Rico State Commission and complete the following work in process:
• YouthBuild USA
• Maryland Governor’s Office on Service and Volunteerism
• DC Commission
Continuous Grantee Monitoring and Data Analytics
CNCS-OIG has established a data analytics program through which we integrate information from multiple sources to inform our audits, evaluations and investigations, identify potential fraud and sharpen our risk assessments. We are vigilant in monitoring “single audits” (statutorily required audits of organizations that expend more than $750,000 in Federal funds per year) for significant findings, including internal control weaknesses, noncompliance with laws and regulations, going concern limitations, related party transactions, and questioned costs. Additional key sources of information include other OIGs’ audits and investigations of organizations that also receive AmeriCorps funds, available on the Council of Inspectors General for Integrity and Efficiency’s Oversight.gov, and IRS Form 990 tax filings for nonprofit organizations, which contain substantial information regarding an organizations’ financial stability and disclosures of significant diversion of funds and related party transactions.
The Audit Section is often called upon to provide extensive support in connection with investigations of specific wrongdoing. Investigations may also reveal program vulnerabilities, noncompliance with Federal regulations, gaps in internal controls, and opportunities to strengthen program integrity, suggesting areas for audit inquiry. We anticipate that this important activity will continue in FY 2021.
CNCS-OIG will continue to improve accountability by educating AmeriCorps staff and the grantee community about common audit findings and emerging issues. We engage these stakeholders as active partners in our mission to prevent and detect waste, fraud and abuse in AmeriCorps programs. The Audit Section actively participates in AmeriCorps-sponsored events designed to inform the grantee community about such matters at national and regional meetings and other events.
The Audit Section will also work with the OCRO and the Office of Monitoring, in support of AmeriCorps’ Enterprise Risk Management program and efforts to develop a more rigorous, risk-based approach to grant monitoring, with appropriately aligned monitoring activities