ARCHIVED - Directive on Recipient Audit

Archived information

This Web page has been archived on the Web. Archived information is provided for reference, research or record keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Archived

This Web page has been archived on the Web.

PDF Version (439 Kb, 14 Pages)

Table of Contents

1.0 Effective Date

1.1 The INAC Directive on Recipient Audit is effective on June 1, 2015 and supersedes the Recipient Audit Policy 300, April 2013. Version 2.0 of the Directive on Recipient Audit takes effect September 6, 2016.

2.0 Application

2.1 This INAC Directive on Recipient Audit (the Directive) applies to all Indigenous and Northern Affairs Canada (INAC) personnel who have been assigned responsibilities for the management of transfer payments, where a funding agreement contains a "Right to Audit" clause.

2.2 This Directive is issued under the authority of the INAC Chief Financial Officer (CFO) under the Treasury Board Policy on Transfer Payments (2008). It sets out the roles and responsibilities of those involved in the recipient audit management processes, and outlines the department’s recipient audit management practices and related activities.

2.3 Definitions for the terms used in this Directive are provided in Annex A: Definitions.

3.0 Context: Why Effective Management of Recipient Audits is Important

3.1 INAC is required to ensure that transfer payments are managed in a manner that reflects sound stewardship, integrity and transparency, while also demonstrating sensitivity to risks, complexity, accountability for results and economic use of resources. In this context, INAC is also required to exercise effective oversight of its transfer payments.

3.2 This oversight includes monitoring of compliance and the use of funds by recipients. It is expected that the level of monitoring increases proportionally with the sensitivity, complexity, risk and materiality of the project(s)/program(s)/activity(ies) funded; the value of funding in the Funding Agreements; and the risk profile of the recipient.

3.3 Recipient audit is one of several components of monitoring and an essential component of the department's recipient-facing G&C "continuum" of compliance and assurance. It is an independent assessment, carried out by an independent auditor (and not by INAC Internal Audit), to provide assurance on a recipient's compliance with a funding agreement. Recipient audits will be managed in a way that reflects risks specific to the program(s)/project(s)/activity(ies) for which funding is provided, the recipient risk, and the value of the funding agreement in relation to administrative costs of the recipient audit, and ensures the efficient use of resources required to conduct the audits.

3.4 This directive supports the objectives of the Policy on Transfer Payments and the Directive on Transfer Payments by setting out the policy framework for INAC recipient audits and a departmental approach for the management of recipient audits. It also reflects key practices set out in the Treasury Board Secretariat (TBS) Guideline on Recipient Audits issued under the Policy on Transfer Payments and the Directive on Transfer Payments.

4.0 Directive Statement

4.1 Objective

4.1.1 The objective of this directive is to ensure that recipient audits are managed effectively and efficiently through a departmental management cycle (as per the diagram in Figure 1) and in a way that reflects:

  1. risks and materiality specific to the program(s)/project(s)/activity(ies) funded;
  2. the overall value of the Funding Agreement;
  3. the administrative costs of the recipient audit in relation to the value of the agreement;
  4. the risk profile of the recipient; and
  5. the potential value of the results in enhancing the effectiveness and efficiency of transfer payment management activities in the department.

4.2 Expected Results

4.2.1 The expected results of this directive are:

  1. Administrative processes and procedures for the management of recipient audits are well communicated and standardized throughout the department;
  2. Choices in respect of recipient audits reflect a conscious preoccupation with allocating scarce departmental resources where public funds are at most risk and where results of recipient audits are most valuable to the department in improving the management of transfer payments;
  3. The results of recipient audits – including findings, recommendations, identification of possible recoveries of overpayments, ineligible or inappropriate uses of funds, or erroneous payments, and repayment schedules recommended – are reviewed, followed up and acted on promptly and effectively by all those concerned;
  4. There are clearly articulated and well-understood roles, responsibilities and accountabilities for all departmental stakeholders involved in recipient audits;
  5. All departmental personnel involved in the recipient audit processes have the knowledge, guidance and tools available to effectively perform their roles and responsibilities; and
  6. The results of recipient audits identify areas for improvement and inform capacity development initiatives where appropriate.

    Annual Departmental Recipient Audit Management Cycle
    Figure 1: Annual INAC Recipient Audit Management Cycle

    Description of Annual INAC Recipient Audit (RA) Management Cycle graphic

    1. RA Selection

    • Department sets departmental selection criteria (CFO/ADM G&C Oversight Committee)
    • Programs/Regions add own selection criteria reflecting sector-specific circumstances
    • Programs/Regions propose RAs

    2. Departmental RA Plan

    • CFO prepares RA Plan with input from Regions/Programs
    • Review and approval by ADM G&C Oversight Committee
    • RA Plan communicated to Programs and Regions

    3. RAs Conducted

    • RA initiated (TPAS)
    • Auditors appointed (TPAS)
    • Regions/Programs assist auditors
    • Auditors complete field work and prepare RA report

    4. RA Reports Reviewed and Published

    • Content, assumptions and assertions review and feedback (Regions/Program)
    • Recipient response to audit obtained
    • Approve and accept final reports (TPAS)

    5. RA Results Follow-up

    • Management Plan developed and agreed with Regions/Programs
    • Receivables recognized and booked and repayment schedule approved
    • DG and ADM G&C Oversight Committees briefed (CFO)
    • Other committees (e.g., Operations and Audit) briefed as appropriate (CFO)

    6. Continuous RA Improvement

    • RA management cycle relevance and effectiveness review (CFO)
    • Improvement actions proposed (CFO)
    • Improvement actions reviewed and approved (ADM G&C Oversight Committee)
    • Review of how effectively Regions/Programs select recipients for audit

5.0 Directive Requirements

Recipient audits at INAC shall be managed in accordance with the management cycle shown in Figure 1. In implementing this management cycle in the department, the following principles will be applied:

5.1 Right to Audit clause

5.1.1 INAC funding agreements contain provisions that give the department a right to audit accounts and records of the recipient and of any entity to which the recipient delegates funding agreement obligations or transfers funding. The Right to Audit clause contained in INAC funding agreements covers recipient audits under this Directive, and enables INAC to:

  1. Assess or review the recipient's compliance with the terms and conditions of the funding agreement;
  2. Review the recipient's program management and financial control practices in relation to the funding agreement;
  3. Confirm the integrity of any data which has been reported by the recipient pursuant to the funding agreement; and/or
  4. Audit the management practices of the recipient in relation to the funding agreement.

5.2 Recipient Audit Plan

5.2.1 An annual Recipient Audit Plan that considers all departmental transfer payment programs shall be developed and maintained by the CFO Sector with substantive input from regions, programs and the Audit and Evaluation Sector. The Plan will be based on the risk profiles of recipients (e.g., GA scores, information from other recipient monitoring activities, etc.), and on a series of factors established from time to time by senior management.

5.2.2 Limited departmental resources available to support recipient audits must be used judiciously. As such, as a general rule, such resources must be placed where public funds are at most risk, and regions (normally through the RDGs) and program sectors (through ADMs) must be consulted on the selection of recipients to be audited. The overall objective is to focus the assurances provided by recipient audits on the areas where most public funds (i.e., highest materiality) are at most risk (e.g., risk of misuse, of erroneous use, or of non-compliance with the rules governing their use and reporting) and where the results of recipient audits provide the most useful information for the department and for recipients (e.g., by revealing systemic weaknesses in the department’s management of the relationships with their funding recipients, or by highlighting management strengths/weaknesses of the recipient.)

5.2.3 As such, the development of the Recipient Audit Plan will also consider:

  1. the objectives for each audit and what is expected to be achieved for program and departmental benefit through the audit;
  2. how the audit results will help in improving the management of funding agreements in the department and the integrity of the management control framework for G&C;
  3. why the results expected will not duplicate the results from other monitoring or assurance activities in the department.

5.2.4 Coordination of recipient audits and other monitoring and oversight activities within the department and with other government departments is the preferred approach. Where possible and appropriate, joint recipient audits – a coordinated approach to recipient auditing whereby an auditor representing some or all funders conducts a single recipient audit of a common recipient – shall be considered both within the department (e.g., program compliance reviews done concurrently with recipient audits) and with other departments targeting the same recipients.

5.3 Selecting the independent auditor

5.3.1 Recipient audits shall be conducted by independent and qualified auditors selected through a standardized procurement tool using a streamlined competitive selection process from a pre-qualified pool of recipient audit specialists.

5.4 Receipt and review of recipient audit results

Receipt and review

5.4.1 Upon receipt of the auditors' report, senior INAC managers (e.g., Cost Centre Managers with Delegated Financial Signing Authority for Funding Agreements, Directors General, Regional Directors General or Program Directors, as appropriate) are responsible to ensure that:

  1. For the auditors’ draft report: it is reviewed, and the auditor's attention is drawn to any statements, assumptions, assertions or conclusions reached that appear to be made without the benefit of all material information;
  2. For the auditor’s final report: that any disagreements between the region/program and the auditors are resolved within 30 days of the receipt of the auditors’ final report. If these disagreements cannot be resolved within 30 days, the report will be deemed as accepted by the department.

Absence of information/records

5.4.2 Where the auditor finds that there was a complete absence of information/records on which to base their findings, and where this was due to natural disasters (e.g., flooding, fire, etc.) beyond the control of the recipient, and which resulted in entire year(s) of funding being disallowed, senior INAC managers will ensure that:

  1. A departmental Management Letter reflecting the situation is sent to the recipient
  2. Staff work with the recipient to support them in re-establishing missing information/ records; and
  3. The records once reconstituted are reviewed to establish if any recoveries or other actions are appropriate.

5.4.3 Where the auditors' report finds that information/records are unavailable due to governance issues, senior INAC managers will ensure that:

  1. A distinction is made between unwillingness to share/willful destruction of information/records AND willingness, but inability to share due to actions beyond their control;
  2. For recipients who are unwilling to cooperate or where there is a suggestion that information/ records have been deliberately destroyed/withheld:
    1. A receivable in the amount suggested by the auditors' report is recognized and booked in departmental systems; and
    2. The provisions of Default Prevention and Management Policy are applied (the recipient is deemed to be in default);
  3. For recipients who are willing to cooperate but do not have records available due to removal/ destruction beyond their control, consider:
    1. Re-engaging the original audit firm to do additional work on the audit;
    2. Establishing a receivable according to the revised amount;
    3. Assisting the recipient in re-assembling the information/records where possible; and
    4. Reviewing the information/records, once reassembled, to establish what actions are appropriate.
    5. reviewing the information/records, once reassembled, to establish what actions are appropriate.

5.4.4 In the interest of ensuring that follow-up actions can begin at the earliest opportunity, only reasonable and justifiable extensions shall be granted.

5.5 Follow-up on recipient audit results

Recipient response

5.5.1 Where the auditors' report finds no significant information/records availability issues or where such issues have been resolved (e.g., information/records were reconstituted and auditors have had an opportunity to review them), and following the resolution of any disagreements between the region/program and the auditors, senior INAC managers will ensure that:

  1. Within 30 days after the receipt of the auditors' report, the report is forwarded to the recipient, requesting that the recipient provide a response within 30 days of receipt;
  2. The recipient is informed, as appropriate, of any amounts owing identified in the auditors’ report, and requested to confirm these amounts; and
  3. The recipient is informed that the next step would be the establishment of a management plan to ensure that the recipient addresses the findings in the report and, as appropriate, the repayment of any confirmed amounts owing to the department.

Monitoring Results of the Recipient Audit

5.5.2 In monitoring follow-up to the Recipient Audit, senior INAC managers will ensure that:

  1. Where a recipient audit identifies a default or a potential default to the funding agreement, INAC will work with and assist the recipient in the preparation of either a Management Development Plan or Management Action Plan, as per the provisions of INAC Default Prevention and Management Policy;
  2. Where a recipient audit finds significant deficiencies in the recipient’s financial controls and management practices, the department recommends that the recipient engage the Aboriginal Financial Officers Association (AFOA) or other qualified organization to assist the recipient in remedying these deficiencies and enhancing its financial management capacity and practices. (The CFO, subject to capacity development/default prevention funding being made available for this purpose, will pay these costs, up to a ceiling to be established by the CFO.)
  3. Any Management Plan will include, but not be limited to:
    1. How the recipient proposes to address the key findings in the auditors' report that indicate shortcomings in the recipient's responsibilities under the funding agreement and the timelines in which these will be addressed;
    2. How the recipient proposes to repay any amounts owing to the department (i.e., the method of recovery) and according to what repayment schedule;
    3. If the recipient audit identified significant deficiencies in the recipient's financial controls or management practices, how the recipient proposes to address these deficiencies; and
    4. If recipient audit identified other capacity deficiencies, how the recipient proposes to address these deficiencies;
  4. The CFO is consulted before a Management Development Plan or Management Action Plan is approved.

5.5.3 The CFO will review the Management Development Plan or Management Action Plan and will:

  1. Concur in the approval of the Plan where the terms of the plan are substantially in line with the auditors' recommendations; or
  2. Submit the Plan, the auditors' report, and the recipient's response to the ADM G&Cs Oversight Committee for review, and act on the recommendations of the Committee.

Initiating recovery of amounts owing to INAC

5.5.4 Upon approval of the Management Plan, where a recipient audit has detected potential amounts owing to the department:

  1. The existence of a legal debt (a legal obligation to pay a verified amount) should be established by senior INAC managers before a receivable is booked in departmental systems and a recovery initiated. It is prudent to confirm that any amount that has been as identified as potentially recoverable is indeed owing to INAC under the terms of the applicable funding agreement(s) before it is treated as a receivable; and
  2. These amounts (recognized INAC receivables), the method of recovery, and the repayment schedule developed by the Corporate Accounting and Reporting Directorate (Management and Oversight of Amounts Owing Unit) are booked promptly in departmental systems, as per the Directive on the Management of Amounts Owing to INAC.

5.6 Publication of recipient audit reports and responses

5.6.1 A brief summary of the recipient audit report along with the management letter and the recipient response shall be posted on the INAC website as soon as approved by the Deputy Minister in accordance with the departmental web publishing process.

5.7 Recipient audit roles, responsibilities and accountabilities

Deputy Minister

5.7.1 The Deputy Minister is responsible for ensuring cost-effective oversight and internal control to support the management of transfer payments, including recipient audits and follow-up actions on recipient audit results. The Deputy Minister will also approve for publication summaries of recipient audit reports and recipient responses prepared by recipients in response to audit findings.

Chief Financial Officer

5.7.2 The Chief Financial Officer is responsible for:

  1. Developing departmental selection criteria for recipient audits and submitting these criteria for review and approval by the ADM G&Cs Oversight Committee;
  2. Establishing the processes and procedures required for the implementation of this directive and the internal controls necessary to ensure their ongoing effectiveness and integrity;
  3. Maintaining the necessary Supply Arrangements for engaging independent auditors;
  4. Establishing and maintaining the departmental Recipient Audit Plan;
  5. Assigning independent auditors to specific audits identified in the departmental Recipient Audit Plan;
  6. Putting in place the necessary administrative processes and documents to manage procurement and billing aspects of all individual recipient audits;
  7. Providing assistance and guidance to departmental personnel with responsibilities for recipient audits for the review and follow-up on recipient audit results;
  8. Providing secretariat support to departmental committees reviewing matters arising from recipient audit findings;
  9. Conducting quality assurance reviews on recipient audit reports received from auditors;
  10. Reviewing Management Development Plans and Management Action Plans before their approval;
  11. Monitoring the implementation of this directive, including investigating and acting when significant compliance issues arise to ensure that appropriate remedial actions are taken to address these issues; and
  12. Establishing and overseeing a continuous improvement program for the management of recipient audits in the department.

RDGs and Program ADMs

5.7.3 RDGs and Program ADMs will:

  1. Provide input into the development of departmental criteria for selection of recipient audits;
  2. Approve the recipient audits selected within their areas of responsibility and provide required input into the development of the Recipient Audit Plan, including prioritizing selected recipient audits;
  3. Ensure the review of the content, assumptions and assertions in recipient audit reports and the prompt resolution of any disagreements with the auditors' assumptions and assertions;
  4. Ensure the establishment, review and approval of Management Development Plans and Management Action Plans in response to audit reports, and any other follow-up required from the findings and recommendations of recipient audit reports; and
  5. Confirm the existence of a legal debt (when applicable) and ensure that any confirmed amounts owing to INAC are booked promptly in departmental systems.

Chief Audit and Evaluation Executive (CAEE)

5.7.4 Recipient audits are conducted by independent auditors. CAEE as the functional authority for audit will provide advice to the CFO and departmental managers on the approach for selecting recipients for recipient audits; on recipient auditing scoping, standards, report contents and practices; and on follow-up actions, which may include subsequent recipient audits, forensic audits or other investigations.

5.7.5 The CAEE intervenes when significant recipient audit findings related to departmental transfer payment activities require follow-up action in the form of management practices reviews or internal audits.

5.7.6 The risk-based Departmental Audit Plan for which the CAEE is responsible takes into consideration relevant findings of recipient audits.

Other INAC managers, staff and committees

5.7.7 Cost Centre Managers with Delegated Financial Signing Authority for Funding Agreements will:

  1. Assist in the selection of recipient audits within their areas of responsibilities;
  2. Provide input into the scoping of recipient audits, as required;
  3. Ensure that the independent auditors have the information they need in order to identify correctly any potential receivables and make a fair and balanced recommendation regarding repayment schedules for these receivables;
  4. Review and follow-up on recipient audit findings, per the Management Letters, the Default Prevention and Management Policy, and the Directive on Amounts Owing to INAC, as appropriate;

5.7.8 Regions where the recipient audit occurs shall review audit reports for accuracy to identify any material errors or misstatements (e.g., as a result of material information or documents which were not available to the auditor, or which the auditor did not have an opportunity to review).

5.7.9 Committees in the regions (e.g., Regional Operations Committees, Regional Financial Management Committees, etc.) and at headquarters, including the DG G&Cs Oversight Committee and the ADM G&Cs Oversight Committee, support effective and efficient management of recipient audits and follow-up actions as required. Terms of reference for these departmental committees are available in the Directive on Management of Amounts Owing to INAC, Appendix L: Terms of Reference for the ADM G&Cs Oversight Committee, and Appendix M: Terms of Reference for the DG G&Cs Oversight Committee.

5.7.10 INAC staff support INAC managers and the committees established in carrying out their responsibilities, as directed.

6.0 Monitoring

6.1 The CFO will monitor department-wide adherence to this directive and the integrity and effectiveness of its implementation, and will initiate prompt action designed to correct identified deficiencies, enhance compliance and make improvements to the directive, its supporting procedures and guidelines, and in the approach to their implementation.

6.2 The CFO may share the results of monitoring with other departmental governance committees (e.g., Operations Committee), as appropriate, for information or advice.

6.3 The CFO will establish a framework for the review of the continuing relevance, effectiveness and efficient implementation of this directive and its supporting procedures and guidelines, and ensure that:

  1. An initial implementation review is conducted within 6 months after the effective date of this directive;
  2. Formative and summative reviews are conducted mid-term and within five years respectively after the effective date of this directive; and
  3. Reviews are conducted when other significant triggers arise (i.e., review of the TBS Policy on Transfer Payments).

7.0 Consequences

7.1 Consequences of non-compliance with this directive, or of failure to take corrective actions that may be requested by the CFO, may include reporting to Senior Management, requiring additional training, changes to procedures and systems, the suspension or removal of delegated authority, disciplinary action, and other measures as appropriate.

8.0 Enquiries

8.1 For enquiries and interpretations please contact the INAC Transfer Payments Advisory Services at Transfer Payments Advisory Services.

8.2 For enquiries related to specific recipient audits, please contact: Recipient Audit.

Annex A: Definitions

INAC Managers (Gestionnaires d'AANC) – Departmental managers who have been assigned responsibilities for the management of transfer payments.

Accounts receivable (Comptes débiteurs) – A category of accounts which refers to all amounts owed to Indigenous and Northern Affairs Canada other than those amounts with respect to direct loans, defaulted guaranteed loans and accrued interest receivable on these loans. The department has accounts receivable from internal parties (employees), from external parties (for example, recipients, non-public servants, provincial governments etc.) and from other government departments.

Contribution (Contribution) – A contribution is a transfer payment subject to performance conditions specified in a funding agreement. A contribution is to be accounted for and is subject to audit.

Follow-up actions (Actions suivantes) – Appropriate and authorized departmental actions arising from the review of recipient audit results.

Forensic Audit (Vérification juricomptable) – An examination conducted by a qualified independent auditor using specific auditing procedures designed to identify and gather evidence to support a forensic assessment of possible irregularities, including the misappropriation of funds or assets, reported fraud or specific allegations on the part of a recipient or an individual.

Funding Agreement (Entente de financement) – A written agreement or documentation constituting an agreement between the Government of Canada and an applicant or a recipient, setting out the obligations or understandings of both with respect to one or more transfer payments.

Grant (Subvention) – Is a transfer payment subject to pre-established eligibility and other entitlement criteria. A grant is not ordinarily subject to being accounted for by a recipient nor subject to audit by the department, however the recipient may be required to report on results achieved and may, under certain circumstances, be subject to a recipient audit.

Independent Auditor (Vérificateur indépendent) – An auditor who is independent of the recipient and not subject to a conflict of interest either actual or perceived with respect to the recipient, and who is free of bias toward program management or the department.

Joint Recipient Audit (Vérification unique d'un bénéficiaire) – A joint recipient audit is a coordinated approach to recipient auditing whereby an auditor representing 2 or more funders conducts a single audit of a common recipient to verify compliance with terms and conditions of some or all funding agreements with that particular recipient.

Management Action Plan (MAP): A plan developed by the recipient and acceptable to the department(s) which reflects measures to be taken to address a default. The MAP addresses root causes of default and prevents a recurrence of the default. The MAP is also used to identify capacity gaps and resources available for successful implementation.

Management Development Plan (MDP): A plan developed and approved by the recipient and accepted by the department(s), which addresses any recommendations identified in an assessment of the recipient's administrative, accountability and management. The MDP may also be used to meet requirements for de-escalation from a Management Action Plan (MAP).

Materiality (Importance relative) – Relative importance of the amounts at stake in comparison with a total amount; an amount is said to be material when its relative importance is considered significant in regards of the totality.

Receivable (Créance) – A financial asset representing a legally enforceable claim against a debtor, which will result in future inflows of cash. Receivables include short and long term accounts receivable, and loans receivable.

Recipient (Bénéficiaire) – For the purpose of this directive, is an individual or entity that either has been authorized to receive a transfer payment or that has received that transfer payment.

Recipient Audit (Vérification du bénéficiaire) – An independent assessment to provide assurance on a recipient's compliance with a funding agreement. The scope of a recipient audit may address any or all financial and non-financial aspects of the funding agreement. It should be noted that recipient audits are initiated by departmental management; this distinguishes them from internal audits, which are initiated by the Chief Audit and Evaluation sector independently of departmental management.

Recipient Audit Plan (Plan de vérification des bénéficiaires) – An annual plan consisting of a list of recipients selected by the department for a recipient audit to be conducted by an independent auditor selected by the department. This is different and distinct from the Risk-based Departmental Audit Plan prepared by the Chief Audit and Evaluation Executive in respect of internal audit activities planned.

Recipient Monitoring (Surveillance du bénéficiaire) – Recipient monitoring relates to the activities undertaken or co-ordinated by a manager to control the risks related to a recipient and to follow-up on compliance with the obligations in a funding agreement. Recipient audit is a component of recipient monitoring.

Repayment schedule (Échéancier de remboursement) – A determination on the frequency and the partial amounts to be repaid by the debtor (typically in one lump sum payment or in monthly installments) or recovered from ongoing payments to the debtor (e.g., through one-time or monthly set-offs) to clear a debt. Repayment schedules do not ordinarily exceed 12 months, unless exceptional debtor circumstances (e.g., "hardship") exist.

Scope (of an Audit) (Étendue (d'une verification)) – The elements and time period that will be examined during a recipient audit.

Transfer Payments (Paiement de transfert) – Monetary payment, or a transfer of goods, services or assets made, on the basis of an appropriation, to a third party, including a Crown corporation, that does not result in the acquisition by the Government of Canada of any goods, services or assets. Transfer payments are categorized as grants, contributions and other transfer payments. Transfer payments do not include investments, loans or loan guarantees.

Date modified: