Directive on Recipient Audit
Chief Financial Officer Sector
Date: June 1, 2015
PDF Version (403 Kb, 14 Pages)
1.0 Effective Date
1.1 The AANDC Directive on Recipient Audit is effective on June 1, 2015. This directive supersedes Recipient Audit Policy 300, April 2013.
2.1 This AANDC Directive on Recipient Audit (the directive) applies to all Aboriginal Affairs and Northern Development Canada (AANDC) personnel who have been assigned responsibilities for the management of transfer payments, where the Funding Agreement contains a Right to Audit clause.
2.2 This directive is issued under the authority of the AANDC Chief Financial Officer (CFO) under the Treasury Board Policy on Transfer Payments (2008). It sets out the roles and responsibilities of those involved in the recipient audit management processes, and outlines the department’s management practices and related activities.
2.3 Definitions for the terms used in this directive are provided in Annex A: Definitions.
3.0 Context: Why Effective Management of Recipient Audits is Important
3.1 AANDC is required to ensure that transfer payments are managed in a manner that reflects sound stewardship, integrity and transparency, while also demonstrating sensitivity to risks, complexity, accountability for results and economic use of resources. In this context, AANDC is also required to exercise effective oversight of its transfer payments.
3.2 This oversight includes monitoring of compliance and the use of funds by recipients. It is expected that the level of monitoring increases proportionally with the sensitivity, complexity, risk and materiality of the project(s)/program(s)/activity(ies) funded; the value of funding in the Funding Agreements; and the risk profile of the recipient.
3.3 Recipient audit is one of several components of monitoring and an essential component of the department's recipient-facing G&C "continuum" of compliance and assurance. It is an independent assessment, carried out by an independent auditor (and not by AANDC Internal Audit), to provide assurance on a recipient's compliance with a funding agreement. Recipient audits will be managed in a way that reflects risks specific to the program(s)/project(s)/activity(ies) for which funding is provided, the recipient risk, and the value of the funding agreement in relation to administrative costs of the recipient audit, and ensures the efficient use of resources required to conduct the audits.
3.4 This directive supports the objectives of the Policy on Transfer Payments and the Directive on Transfer Payments by setting out the policy framework for AANDC recipient audits and a departmental approach for the management of recipient audits. It also reflects key practices set out in the Treasury Board Secretariat (TBS) Guideline on Recipient Audits issued under the Policy on Transfer Payments and the Directive on Transfer Payments.
4.0 Directive Statement
4.1.1 The objective of this directive is to ensure that recipient audits are managed effectively and efficiently through a departmental management cycle (as per the diagram in Figure 1) and in a way that reflects:
- risks and materiality specific to the program(s)/project(s)/activity(ies) funded;
- the overall value of the Funding Agreement;
- the administrative costs of the recipient audit in relation to the value of the agreement;
- the risk profile of the recipient; and
- the potential value of the results in enhancing the effectiveness and efficiency of transfer payment management activities in the department.
4.2 Expected Results
4.2.1 The expected results of this directive are:
- Administrative processes and procedures for the management of recipient audits are well communicated and standardized throughout the department;
- Choices in respect of recipient audits reflect a conscious preoccupation with allocating scarce departmental resources where public funds are at most risk and where results of recipient audits are most valuable to the department in improving the management of transfer payments;
- The results of recipient audits – including findings, recommendations, identification of possible recoveries of overpayments, ineligible or inappropriate uses of funds, or erroneous payments, and repayment schedules recommended – are reviewed, followed up and acted on promptly and effectively by all those concerned;
- There are clearly articulated and well-understood roles, responsibilities and accountabilities for all departmental stakeholders involved in recipient audits; and
- All departmental personnel involved in the recipient audit processes have the knowledge, guidance and tools available to effectively perform their roles and responsibilities.
5.0 Directive Requirements
Recipient audits at AANDC shall be managed in accordance with the management cycle shown in Figure 1. In implementing this management cycle in the department, the following principles will be applied:
5.1 Right to Audit clause
5.1.1 AANDC funding agreements for contributions and, where appropriate, for grants, contain provisions that give the department a right to audit accounts and records of the recipient and of any entity to which the recipient delegates funding agreement obligations or transfers funding. The Right to Audit clause contained in AANDC funding agreements covers recipient audits under this directive, and enables AANDC to:
- Assess or review the recipient's compliance with the terms and conditions of the funding agreement;
- Review the recipient's program management and financial control practices in relation to the funding agreement;
- Confirm the integrity of any data which has been reported by the recipient pursuant to the funding agreement; and/or
- Audit the management practices of the recipient in relation to the funding agreement.
5.2 Recipient Audit Plan
5.2.1 An annual Recipient Audit Plan that considers all departmental transfer payment programs shall be developed and maintained by the CFO Sector with substantive input from regions and programs. It will be based on the risk profiles of recipients (e.g., GA scores, information from other recipient monitoring activities, etc.), and on a series of factors established from time to time by senior management.
5.2.2 Scarce departmental resources available to support recipient audits must be used judiciously. As such, as a general rule, such resources must be placed where public funds are at most risk, and regions (normally through the RDGs) and program sectors (through ADMs) must be consulted on the selection of recipients to be audited. The overall objective is to focus the assurances provided by recipient audits on the areas where most public funds (i.e., highest materiality) are at most risk (e.g., risk of misuse, of erroneous use, or of non-compliance with the rules governing their use and reporting) and where the results of audits provide the most useful information for the department (e.g., by revealing systemic weaknesses in the department's management of the relationships with their funding recipients.)
5.2.3 As such, the development of the Recipient Audit Plan will also consider:
- the objectives for each audit and what is expected to be achieved for program and departmental benefit through the audit;
- how the audit results will help in improving the management of funding agreements in the department and the integrity of the management control framework for G&C;
- why the results expected will not duplicate the results from other monitoring or assurance activities in the department.
5.3 Selecting the independent auditor
5.3.1 Recipient audits shall be conducted by independent and qualified auditors selected through a standardized procurement tool using a streamlined competitive selection process from a pre-qualified pool of recipient audit specialists.
5.4 Contracting with the independent auditor
5.4.1 In addition to the standard clauses, the contract with the selected independent auditor shall include clauses that provide that where the recipient audit findings identify possible overpayments, ineligible or inappropriate uses of funds, or erroneous payments which may result in amounts owing to the department (accounts receivables), the independent auditor shall also include in the recipient audit report and in its summary a recommendation on a reasonable repayment schedule.
5.4.2 In making the recommendation on the repayment schedule, the independent auditor should consider:
- the circumstances of the debtor's financial position and the impact of the repayment schedule on that position and on the ability of the debtor to continue to operate and provide essential services without defaulting on their funding agreements;
- the impact of the repayment schedule on the health and safety of those who rely on services provided by the debtor (e.g., First Nation community members);
- provincial and national practices (e.g., ratios, approaches and benchmarks used) customary in such circumstances in respect of determining repayment schedules; and
- the desirability of recovering all receivables in the shortest timeframe practicable.
5.4.3 To help auditors in preparing their recommendations, auditors should be made aware of – and consider the provisions set out in – the Directive on Management of Amounts Owing to AANDC, Appendix H: Financial Hardship Relief Criteria for Debtors.
5.4.4 To ensure that the independent auditor is able to provide a fair and balanced recommendation on potential amounts owing to the department and on repayment schedules, AANDC shall provide the independent auditor with all additional guidance material and criteria (e.g., health and safety criteria to consider, etc.) in current use in the department. Regional personnel in the department will also assist the independent auditor in gaining a proper understanding of the circumstances of the debtor and the potential impacts of any repayments on the debtor's ability to continue operations and provide essential services.
5.5 Coordination of recipient audits
5.5.1 Coordination of recipient audits and other monitoring and oversight activities within the department and with other government departments is the preferred approach. Where possible and appropriate, joint recipient audits – a coordinated approach to recipient auditing whereby an auditor representing some or all funders conducts a single recipient audit of a common recipient – shall be considered both within the department (e.g., program compliance reviews done concurrently with recipient audits) and with other departments targeting the same recipients.
5.6 Receipt and review of recipient audit results
Receipt and review
5.6.1 Upon receipt of the auditors' report, senior AANDC managers (e.g., Cost Centre Managers with Delegated Financial Signing Authority for Funding Agreements, Directors General, Regional Directors General or Program Directors, as appropriate) are responsible to ensure that:
- the auditors' report is reviewed, and the auditor's attention is drawn to any statements, assumptions, assertions or conclusions reached that appear to be made without the benefit of all material information;
- any disagreements between the region/program and the auditors are resolved within 30 days of the receipt of the auditors' report; if these disagreements cannot be resolved within 30 days, the report will be deemed as accepted by the department.
Absence of information/records
5.6.2 Where the auditors' report finds that there was a complete absence of information/records on which to base their findings, and where this was due to natural disasters (e.g., flooding, fire, etc.) beyond the control of the recipient, and which resulted in entire year(s) of funding being disallowed, senior AANDC managers will ensure that:
- the auditors' summary report is published after approval for publication;
- a corresponding management letter is sent to the recipient;
- their staff work with the recipient to support them in re-establishing missing information/ records; and
- the records once reconstituted are reviewed to establish if any recoveries or other actions are appropriate.
5.6.3 Where the auditors' report finds that information/records are unavailable due to governance issues, senior AANDC managers will ensure that:
- a distinction is made between unwillingness to share/willful destruction of information/records AND willingness, but inability to share due to actions beyond their control;
- for recipients who are unwilling to cooperate or where there is a suggestion that information/ records have been deliberately destroyed/withheld:
- a receivable in the amount suggested by the auditors' report is recognized and booked in departmental systems; and
- the provisions of Default Prevention and Management Policy are applied (the recipient is deemed to be in default);
- for recipients who are willing to cooperate but do not have records available due to removal/ destruction beyond their control (e.g., by a previous administration or a "rogue" employee since disciplined), consider:
- re-engaging the original audit firm to do additional work on the audit;
- delaying publication of the auditors' summary report and management letters until the follow-up report is received;
- establishing a receivable according to the revised amount;
- assisting the recipient in re-assembling the information/records where possible; and
- reviewing the information/records, once reassembled, to establish what actions are appropriate.
5.6.4 In the interest of ensuring that follow-up actions can begin at the earliest, reasonable and justifiable extensions shall only be granted in exceptional circumstances.
5.7 Follow-up on recipient audit results
5.7.1 Where the auditors' report finds no significant information/records availability issues or where such issues have been resolved (e.g., information/records were reconstituted and auditors have had an opportunity to review them), and following the resolution of any disagreements between the region/program and the auditors, senior AANDC managers will ensure that:
- within 30 days after the receipt of the auditors' report, the report is forwarded to the recipient, requesting that the recipient provide a response within 30 days of receipt, while also informing the recipient that summaries of the auditors' report and their response would be published on the department's website;
- the recipient is informed, as appropriate, of any amounts owing identified in the auditors' report and repayment schedules recommended by the auditors, and requested to confirm these amounts and repayment schedules; and
- the recipient is informed that the next step would be the establishment of a Recipient Action Plan to ensure that the recipient addresses the findings in the report and, as appropriate, the repayment of any confirmed amounts owing to the department.
Recipient Action Plan
5.7.2 In establishing the Recipient Action Plan, senior AANDC managers will ensure that:
- AANDC works with and assists the recipient in the preparation of the Plan;
- where a recipient audit finds significant deficiencies in the recipient's financial controls and management practices, the department recommends that the recipient engage the Aboriginal Financial Officers Association (AFOA) or other qualified organization to assist the recipient in remedying these deficiencies and enhance its financial management capacity an practices. (The CFO, subject to capacity development/default prevention funding being made available for this purpose, will pay these costs, up to a ceiling to be established by the CFO.)
- the Recipient Action Plan includes, but is not be limited to:
- how the recipient proposes to address the key findings in the auditors' report that indicate shortcomings in the recipient's responsibilities under the funding agreement and the timelines in which these will be addressed;
- how the recipient proposes to repay any amounts owing to the department (i.e., the method of recovery) and according to what repayment schedule;
- if the recipient audit identified significant deficiencies in the recipient's financial controls or management practices, how the recipient proposes to address these deficiencies;
- if recipient audit identified other capacity deficiencies, how the recipient proposes to address these deficiencies;
- the CFO is consulted before a Recipient Action Plan is approved.
5.7.3 The CFO will review the Recipient Action Plan and will:
- concur in the approval of the Plan where the terms of the plan are substantially in line with the auditors' recommendations; or
- submit the Plan, the auditors' report, and the recipient's response to the ADM PTP Steering Committee for review, and act on the recommendations of the Committee.
Initiating recovery of amounts owing to AANDC
5.7.4 Upon approval of the Recipient Action Plan, where a recipient audit has detected potential amounts owing to the department:
- the existence of a legal debt (a legal obligation to pay a verified amount) should be established by senior AANDC managers before a receivable is booked in departmental systems and a recovery initiated. It is prudent to confirm that any amount that has been as identified as potentially recoverable is indeed owing to AANDC under the terms of the applicable funding agreement(s) before it is treated as a receivable; and
- these amounts (recognized AANDC receivables), the method of recovery and the repayment schedule are booked promptly in departmental systems (as per the Directive on Management of Amounts Owing to AANDC).
5.8 Publication of recipient audit reports, responses and action plans
5.8.1 Summaries of recipient audit reports, recipient responses and recipient action plans shall be prepared and posted on the AANDC website as soon as approved by the Deputy Minister in accordance with the departmental web publishing process.
5.9 Recipient audit roles, responsibilities and accountabilities
5.9.1 The Deputy Minister is responsible to ensure cost-effective oversight and internal control to support the management of transfer payments, including recipient audits and follow-up actions on recipient audit results. The Deputy Minister will also approve for publication summaries of recipient audit reports, recipient responses and action plans prepared by recipients in response to audit findings.
Chief Financial Officer
5.9.2 The Chief Financial Officer is responsible for:
- Developing departmental selection criteria for recipient audits and submitting these criteria for review and approval by the ADM PTP Steering Committee;
- Establishing the processes and procedures required for the implementation of this directive and the internal controls necessary to ensure their ongoing effectiveness and integrity;
- Maintaining the necessary Supply Arrangements for engaging independent auditors
- Establishing and maintaining the departmental Recipient Audit Plan;
- Assigning independent auditors to specific audits identified in the departmental Recipient Audit Plan;
- Putting in place the necessary administrative processes and documents to manage procurement and billing aspects of all individual recipient audits;
- Providing assistance and guidance to departmental personnel with responsibilities for recipient audits for the review and follow-up on recipient audit results;
- Providing secretariat support to departmental committees reviewing matters arising from recipient audit findings;
- Conducting quality assurance reviews on recipient audit reports received from auditors;
- Reviewing Recipient Action Plans before their approval;
- Monitoring the implementation of this directive, including investigating and acting when significant compliance issues arise to ensure that appropriate remedial actions are taken to address these issues; and
- Establishing and overseeing a continuous improvement program for the management of recipient audits in the department.
RDGs and Program ADMs
5.9.3 RDGs and Program ADMs will:
- Provide input into the development of departmental criteria for selection of recipient audits;
- Approve local (regional/program) criteria that complement departmental criteria for selection of recipient audits in their regions/programs;
- Approve the recipient audits selected within their areas of responsibility and provide required input in the development of the Recipient Audit Plan, including prioritizing selected recipient audits;
- Ensure the review of the content, assumptions and assertions in recipient audit reports and the prompt resolution of any disagreements with the auditors' assumptions and assertions;
- Ensure the establishment, review and approval of recipient action plans in response to audit reports, and any other follow-up required from the findings and recommendations of recipient audit reports; and
- Ensure that any confirmed amounts owing to AANDC are booked promptly in departmental systems.
Chief Audit and Evaluation Executive (CAEE)
5.9.4 Recipient audits are conducted by independent auditors. CAEE as the functional authority for audit will provide advice to the CFO and departmental managers on the approach for selecting recipients for recipient audits; on recipient auditing scoping, standards, report contents and practices; and on follow-up actions, which may include subsequent recipient audits or forensic audits.
5.9.5 The CAEE intervenes when significant recipient audit findings related to departmental transfer payment activities require follow-up action in the form of management practices reviews or internal audits.
5.9.6 The risk-based Departmental Audit Plan for which the CAEE is responsible takes into consideration relevant findings of recipient audits.
Other AANDC managers, staff and committees
5.9.7 Cost Centre Managers with Delegated Financial Signing Authority for Funding Agreements will:
- Assist in the selection of recipient audits within their areas of responsibilities;
- Provide input into the scoping of recipient audits, as required;
- Ensure that the independent auditors have the information they need in order to identify correctly any potential receivables and make a fair and balanced recommendation regarding repayment schedules for these receivables;
- Review and follow-up on recipient audit findings, per the Management Letters, the Default Prevention and Management Policy, and the Directive on Amounts Owing to AANDC, as appropriate;
5.9.8 Regions where the recipient audit occurs shall review audit reports for accuracy to identify any material errors or misstatements (e.g., as a result of material information or documents which were not available to the auditor, or which the auditor did not have an opportunity to review).
5.9.9 Committees in the regions (e.g., Regional Operations Committees, Regional Financial Management Committees, etc.) and at headquarters, including the DG PTP Working Group and the ADM PTP Steering Committee, support effective and efficient management of recipient audits and follow-up actions as required. Terms of Reference for these departmental committees are available in the Directive on Management of Amounts Owing to AANDC, Appendix L: Terms of Reference for the ADM PTP Steering Committee, and Appendix M: Terms of Reference for the DG PTP Working Group.
5.9.10 AANDC staff support AANDC managers and the committees established in carrying out their responsibilities, as directed.
6.1 The CFO will monitor department-wide adherence to this directive and the integrity and effectiveness of its implementation, and will initiate prompt action designed to correct identified deficiencies, enhance compliance and make improvements to the directive, its supporting procedures and guidelines, and in the approach to their implementation.
6.2 The CFO may share the results of monitoring with other departmental governance committees (e.g., Operations Committee), as appropriate, for information or advice.
6.3 The CFO will establish a framework for the review of the continuing relevance, effectiveness and efficient implementation of this directive and its supporting procedures and guidelines, and ensure that:
- an initial implementation review is conducted within 6 months after the effective date of this directive; and
- formative and summative reviews are conducted mid-term and within five years respectively after the effective date of this directive.
7.1 Consequences of non-compliance with this directive, or of failure to take corrective actions that may be requested by the CFO, may include reporting to Senior Management, requiring additional training, changes to procedures and systems, the suspension or removal of delegated authority, disciplinary action, and other measures as appropriate.
8.1 For enquiries and interpretations please contact the AANDC Transfer Payments Centre of Expertise at PaiementTransferCentreExpertise.TransferPaymentCentreExpertise@aadnc-aandc.gc.ca
8.2 For enquiries related to specific recipient audits, please contact: VerifBeneficiaireCEPT_RcptAuditTPCOE@aadnc-aandc.gc.ca
Annex A: Definitions
AANDC Managers (Gestionnaires d'AADNC) – Departmental managers who have been assigned responsibilities for the management of transfer payments.
Accounts receivable (Comptes débiteurs) – A category of accounts which refers to all amounts owed to Aboriginal Affairs and Northern Development Canada other than those amounts with respect to direct loans, defaulted guaranteed loans and accrued interest receivable on these loans. The department has accounts receivable from internal parties (employees), from external parties (for example, recipients, non-public servants, provincial governments etc.) and from other government departments.
Contribution (Contribution) – A contribution is a transfer payment subject to performance conditions specified in a funding agreement. A contribution is to be accounted for and is subject to audit.
Follow-up actions (Actions suivantes) – Appropriate and authorized departmental actions arising from the review of recipient audit results.
Forensic Audit (Vérification juricomptable) – An examination conducted by a qualified independent auditor using specific auditing procedures designed to identify and gather evidence to support a forensic assessment of possible irregularities, including the misappropriation of funds or assets, reported fraud or specific allegations on the part of a recipient or an individual.
Funding Agreement (Entente de financement) – A written agreement or documentation constituting an agreement between the Government of Canada and an applicant or a recipient, setting out the obligations or understandings of both with respect to one or more transfer payments.
Grant (Subvention) – Is a transfer payment subject to pre-established eligibility and other entitlement criteria. A grant is not ordinarily subject to being accounted for by a recipient nor subject to audit by the department, however the recipient may be required to report on results achieved and may, under certain circumstances, be subject to a recipient audit.
Independent Auditor (Vérificateur indépendent) – An auditor who is independent of the recipient and not subject to a conflict of interest either actual or perceived with respect to the recipient, and who is free of bias toward program management or the department.
Joint Recipient Audit (Vérification unique d'un bénéficiaire) – A joint recipient audit is a coordinated approach to recipient auditing whereby an auditor representing 2 or more funders conducts a single audit of a common recipient to verify compliance with terms and conditions of some or all funding agreements with that particular recipient.
Materiality (Importance relative) – Relative importance of the amounts at stake in comparison with a total amount; an amount is said to be material when its relative importance is considered significant in regards of the totality.
Receivable (Créance) – A financial asset representing a legally enforceable claim against a debtor, which will result in future inflows of cash. Receivables include short and long term accounts receivable, and loans receivable.
Recipient (Bénéficiaire) – For the purpose of this directive, is an individual or entity that either has been authorized to receive a transfer payment or that has received that transfer payment.
Recipient Audit (Vérification du bénéficiaire) – An independent assessment to provide assurance on a recipient's compliance with a funding agreement. The scope of a recipient audit may address any or all financial and non-financial aspects of the funding agreement. It should be noted that recipient audits are initiated by departmental management; this distinguishes them from internal audits, which are initiated by the Chief Audit and Evaluation sector independently of departmental management.
Recipient Audit Plan (Plan de vérification des bénéficiaires) – An annual plan consisting of a list of recipients selected by the department for a recipient audit to be conducted by an independent auditor selected by the department. This is different and distinct from the Risk-based Departmental Audit Plan prepared by the Chief Audit and Evaluation Executive in respect of internal audit activities planned.
Recipient Monitoring (Surveillance du bénéficiaire) – Recipient monitoring relates to the activities undertaken or co-ordinated by a manager to control the risks related to a recipient and to follow-up on compliance with the obligations in a funding agreement. Recipient audit is a component of recipient monitoring.
Repayment schedule (Échéancier de remboursement) – A determination on the frequency and the partial amounts to be repaid by the debtor (typically in one lump sum payment or in monthly installments) or recovered from ongoing payments to the debtor (e.g., through one-time or monthly set-offs) to clear a debt. Repayment schedules do not ordinarily exceed 12 months, unless exceptional debtor circumstances (e.g., "hardship") exist.
Scope (of an Audit) (Étendue (d'une verification)) – The elements and time period that will be examined during a recipient audit.
Transfer Payments (Paiement de transfert) – Monetary payment, or a transfer of goods, services or assets made, on the basis of an appropriation, to a third party, including a Crown corporation, that does not result in the acquisition by the Government of Canada of any goods, services or assets. Transfer payments are categorized as grants, contributions and other transfer payments. Transfer payments do not include investments, loans or loan guarantees.
- Date modified: