Auditor General reports findings and management comments resulting from fiscal 2021 audit of State’s financial statements
STATE HOUSE – The Auditor General identified various weaknesses in the State’s internal control over financial reporting as part of the annual audit of the State’s financial statements for the year ended June 30, 2021. Certain of the findings relate to the influx of federal funds to address pandemic response efforts during fiscal 2021. Several findings are repeated from prior years.
The Auditor General highlighted that controls within the systems used to process unemployment insurance claims are insufficient to prevent fraudulent unemployment insurance benefit payments. The Department of Labor and Training has identified a significant amount of fraudulent benefits paid to claimants. More than $2.2 billion in unemployment benefits were paid during fiscal 2021.
The annual audit of the State’s fiscal 2021 financial statements was completed in January 2022. This most recent communication prepared by Auditor General Dennis E. Hoyle is directed to the Finance Committee of the House of Representatives and the Joint Committee on Legislative Services – those vested with official oversight of the annual audit. Government Auditing Standards require communication of deficiencies in internal control over financial reporting and material noncompliance based on the annual audit.
Overall, the report includes 36 findings detailing deficiencies in internal control or noncompliance matters.
The State is implementing its strategic plan to replace and enhance key statewide financial and administrative systems and is in the process of selecting a software vendor and system integrator. The auditors recommended that the implementation should focus on ensuring a successful outcome through effective management of critical risks. This effort is intended to address long-standing issues which negatively impact controls over operations and financial reporting resulting from the need for (1) increased investment in information technology to keep pace with citizen expectations, (2) rapid technology advancements, (3) meeting federal program compliance mandates, and (4) addressing business continuity risks.
Management focus, training and implementation resources have been insufficient to ensure that departments and agencies are assessing and documenting internal control consistent with management’s overall responsibility for the adequacy of the design and operation of internal control. Internal controls safeguard public resources and support accurate financial reporting.
The State received an unprecedented amount of federal assistance to respond to the effects of the global pandemic. Certain costs were reimbursable under multiple programs and federal guidance was continually evolving which resulted in changing direction as to costs to be applied to specific federal awards.
A variance of $2.5 million existed between the balance of the unexpended Coronavirus Relief Funds and the total federal award less cumulative expenditures through June 30, 2021. Reconciliations should also be completed to ensure eligible expenditures were not reimbursed from more than one funding source.
The auditors reported that an excessive volume of journal entries are recorded within the centralized accounting system. This volume weakens controls over the appropriate authorization and classification of expenditures and limits transparency regarding the underlying primary expenditure transactions.
Third-party insurance reimbursements for COVID testing totaling $3.2 million at June 30, 2021 are pending (1) credit to the federal government for previously reimbursed costs or (2) recognition as general revenues. Other third-party insurance recoveries that are in process have not been recognized as receivables, revenue, or amounts due to the federal government.
The State needs to (1) ensure its information technology security policies and procedures are current and (2) complete assessments of compliance for all critical IT applications. Systems posing the most significant operational risk should be prioritized.
The resources necessary to effectively manage and administer the OPEB (retiree healthcare) System to ensure all functions are met and adequately controlled should be assessed. A unified database or computer application is needed to maintain membership data for each of the State’s OPEB plans. This would improve controls over the administration of the benefit programs and the process to accumulate data necessary for periodic actuarial valuations of the OPEB plans for both funding and accounting purposes.
The Auditor General’s report also includes 16 management comments, which highlight various opportunities for enhancement of financial-related operational, policy or accounting control matters. These include:
- A formal funding policy should be adopted for the State’s OPEB plans which incorporates statutory provisions and key actuarial funding policies.
- The Office of the General Treasurer can enhance oversight of deposit collateral requirements and further diversify short-term investments. Functionalities to record the purchase and sale of short-term investments should be included in the proposed statewide ERP system.
- Bank account payment information for both employees and vendors are susceptible to fraudulent or unauthorized changes.
- The State should complete an inventory of leases or arrangements where the State has approved private entities to utilize space within State buildings and ensure that all such arrangements are formalized, approved, and centrally administered by the State.
Management’s response to the findings and management comments and planned corrective actions are included in the report. The Auditor General notes that the soon to be completed Single Audit Report will focus on the State’s compliance with requirements related to federal assistance expenditures.
A link to the report is provided below: