Subrecipient Monitoring Procedures – Determining Appropriate Level of Monitoring & Linking It to Risk Assessment Results
As mentioned before, the Uniform Guidance requires pass-through entities to monitor their subrecipients to assure compliance and performance goals are achieved.
In a recent previous post, we described the process for conducting a risk assessment of subrecipients. In this post below, we explain how to link the level of monitoring, that the pass-through entity will perform, to the results of the risk assessment.
Relevant excerpts from the Uniform Guidance:
§200.331 Requirements for pass-through entities.
(d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include:
(1) Reviewing financial and performance reports required by the pass-through entity.
(2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.
(3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521 Management decision.
(e) Depending upon the pass-through entity's assessment of risk posed by the subrecipient (as described in paragraph (b) of this section), the following monitoring tools may be useful for the pass-through entity to ensure proper accountability and compliance with program requirements and achievement of performance goals:
(1) Providing subrecipients with training and technical assistance on program-related matters; and
(2) Performing on-site reviews of the subrecipient's program operations;
(3) Arranging for agreed-upon-procedures engagements as described in §200.425 Audit services.
(f) Verify that every subrecipient is audited as required by Subpart F—Audit Requirements of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in §200.501 Audit requirements.
Highlights of the Requirement Excerpts Above:
Following are some of the highlights and note-worthy observations of the Uniform Guidance’s requirement excerpts from above:
3. Monitoring may include:
As each monitoring task is performed, the responsible Agency employee performing the monitoring task shall document in the subgrantee’s file the date, who was involved from the Agency and subgrantee, what tasks performed, the results of the task, and necessary next steps.
Linking Monitoring to Risk Assessment Results
In a previous blog post, we presented two sample risk assessment checklists/questionnaires: one to be completed by a financial expert based on information available in the subrecipient’s financial report, and one to be completed by pass-through entity program staff based on knowledge of the subrecipient.
The results of the risk assessment should be summarized into a Risk Assessment Summary (click the link to jump to the section to view and/or download the risk assessment summary template.). This summary assigns a weighted risk score for each risk criterion, calculates a risk score for each subrecipient, and visually displays the identified areas of risk. The risk score will be used to determine the level of monitoring required.
There are many acceptable methods to link the results of the risk assessments to the monitoring that will be performed. The level and type of monitoring will likely change as pass-through entities learn from conducting more monitoring. However, several pass-through entities, that we are working with, are assigning monitoring levels based solely on the risk score.
● 85-100 = Minimum monitoring
● 70-84 = Desk review
● 55-69 = On-site visit
● < 55 = Agreed-upon-procedures
When a subrecipient does not make progress according to the CAP, the pass-through entity will consider one or all of the sanctions listed below.
Continued lack of progress will require the pass-through entity to escalate sanctions until compliance is achieved; otherwise the pass-through entity will be considered non-compliant with the federal requirements.
Possible sanctions can include:
● Additional training and technical assistance
● Delay payments to subrecipient until they comply
● Deny a portion of requested payments for activities not in compliance
● Suspend or terminate the contract
● Reduce funding in next contract
● Decline to renew contract when it ends
● Initiate federal suspension or debarment proceedings
● Other legally available actions
Other Blog Posts Related to Subrecipient Monitoring:
We have previously provided guidance on subrecipient monitoring in these blog posts (this list will get more extensive as new posts are added on):
Watch for upcoming blog posts about the Uniform Guidance requirements:
● Data Collection
If you have questions or would like hands-on advice on how to implement the recommendations in this blog post in your organization, Kevin is available to answer questions via phone or email at no cost to you:
Kevin Harper, CPA
If you'd like to get more free tips, as well as downloadable tools and templates for your agency, please join our mailing list here!
(We send 1-2 emails a month at a maximum, and only send useful information. You can unsubscribe at any time.)
ConTroll - The Government Finance and Accounting Blog
We're helping local governments improve
their controls and administrative operations.
Kevin W. Harper is a certified public accountant and has decades of audit and consulting experience, entirely in service to local governments. He is committed to helping government entities improve internal operations and enact controls that will minimize risk and improve day-to-day functions.
Stay in Touch!