POST-AWARD FINANCIAL
COMPLIANCE
Presented by:
Jerry Fife,
Assistant Vice Chancellor for Research Finance, Vanderbilt
University, jerry.g.fife@vanderbilt.edu
Ted Mordhorst,
Assistant Director for Post Award Compliance, University of
Washington, tedm2@u.washington.edu
Introduction
COMPLIANCE:
The legal and ethical conduct of sponsored
projects or programs.
This includes both the administrative and
technical conduct of the project or program.
Workshop Goal

Participants will:
gain a greater understanding of the post award
compliance issues we all face.
 be provided with a tool for assessing and monitoring
the various areas of compliance.

Compliance – Why?

Maintains relationship of TRUST with
sponsors

Provides for proper stewardship to safeguard
investments in research.

It is the right thing to do!
What are the Risk Factors?

Withholding of future awards.

Audit findings/cost disallowances

Criminal, civil and administrative penalties.

Loss of administrative flexibility.
What are the Risk Factors?

Reputation with sponsors, donors,
legislators, staff, faculty and students.

Public embarrassment.

Loss of public confidence.
Financial Mismanagement

Incorrect reporting of time and effort.

Not accounting for or reporting program
income.

Improper allocation of costs.
Financial Mismanagement

Inconsistent/improper accounting of F&A
costs.

Last minute cost transfers.

Improper payments to subcontractors.
Federal Sentencing Guidelines

One significant aspect of the Guidelines is that each
organization is responsible for the wrongful acts of its
employees as long as the employees were acting in their
official capacity.

The theory is that the organization shares a degree of
culpability if an employee acts in an unlawful manner, even if
the organization did not know of or approve of their
actions.
Federal Sentencing Guidelines
Important factors upon which organizations will
be judged by the federal government include:
1.
2.
3.
4.
5.
the absence of proper internal controls,
knowing participation by high level
management,
previous violations,
lack of anti-fraud procedures and
the absence of ethics training.
What can we do?

Initiate or maintain a proactive compliance
program.

The NIH Office of Inspector General
suggested compliance program guidelines.
NIH - OIG

Compliance Program Guidance (CPG)for
Recipients of NIH Research Grants

The purpose of this guidance will be to assist
organizations in preventing fraud and abuse and in
better complying with Federal requirements. We
anticipate that the guidance for recipients of NIH
research grants will contain seven elements that we
consider necessary for a comprehensive compliance
program. These seven elements include:
NIH – OIG



(continued)
Implementing written policies and
procedures that foster an institutional
commitment to stewardship and
compliance;
Designating a compliance officer and
compliance committee;
Conducting effective training and
education;
NIH – OIG



(continued)
Developing effective lines of
communication;
Conducting internal monitoring and
auditing;
Enforcing standards through wellpublicized disciplinary guidelines:
NIH – OIG


(continued)
Responding promptly to detected problems,
undertaking corrective action, and reporting to
the appropriate Federal agency.
NIH is also considering an eighth element,
``Defining roles and responsibilities and
assigning oversight responsibility, '' that would
include a discussion of the importance of
effectively delegating oversight authority.
Where to Begin?

Identify areas that most commonly result in
non-compliance

Review recent audit results.

Review agency audit plans
DHHS PILOT AUDITS
The DHHS OIG’s office plans to conduct pilot
audits at universities in five areas.
1.
2.
3.
4.
5.
Direct Charging of Clerical and
Administrative Salaries
Cost Transfers
Cost Sharing/Matching
Sub recipient Monitoring
Effort
Risk Management Plan

Key component of institutional defense “due diligence”.

Used to mitigate institutional risk to an
acceptable level.
Risk Assessment



RISK – An uncertainty that could impact the
institution’s ability to achieve it’s goals and
objectives.
Identify areas of Risk.
Develop a Matrix
Borrowed from the University of Texas at San Antonio web site with permission
from Donna Holmes
The Risk Matrix

In the left hand column, Identify activities
with the greatest risk.

Examples: Allowable costs




?
?
?
In the rows identify the risk factors.

Example for allowable costs: Costs charged to a
grant are not allocable to the grant.
Areas used to Evaluate Risk level

Balance size of population in dollars,
(materiality).

Size of area. Overall budgetary
responsibility.

Responsibility for federal funds.
Areas used to Evaluate Risk level

Employee turnover.

Level of automation.

Extent of decentralization.
Areas used to Evaluate Risk level

Segregation of duties.

Applicability of external laws, regulations
and terms & conditions
Areas used to Evaluate Risk level

Frequency of audit.

Audit finding history

Interest shown by outside constituents.
Basis for Determining Compliance





Federal regulations: OMB Circulars, FAR,
etc.
Award Terms & Conditions
Non-federal Terms & Conditions
Institutional Policies and Procedures, CAS
Ethical Conduct
Monitoring Plan






Area to be assessed
Specific risks
Risk Rating
Regulatory Basis
Institutional Policy
Person Responsible
Monitoring Matrix






Operating control
Evidence of control
Supervisory Control
Evidence of control
Oversight Control
Evidence of control
Training Matrix





Who to train
Level of knowledge required
Frequency
Trainer
Testing method
Reporting Matrix




Activity to be reported
Type of information to be reported
Frequency of Reporting
Recipient of report
Key Components

Written Policies & Procedures

Assessment

Training

Anonymous reporting
Wrap-Up

Questions?
Resources

University Compliance web pages

Agency OIG web pages

NCURA and (SRA)