November 16, 2012
TO: Jacqueline Berrien, Chair
FROM: Milton A. Mayo, Jr., Acting Inspector General
SUBJECT: Audit of the Equal Employment Opportunity Commission's Fiscal Year 2012 Financial Statements (OIG Report No. 2012-01-FIN)
The Office of Inspector General (OIG) contracted with the independent certified public accounting firm of Harper, Rains, Knight and Company, P.A (HRK) to audit the financial statements of the U.S. Equal Employment Opportunity Commission (EEOC) for fiscal year 2012. The contract required that the audit be done in accordance with U.S. generally accepted government auditing standards contained in Government Auditing Standards issued by the Comptroller General of the United States and Office of Management and Budget's Bulletin 07-04, Audit Requirements for Federal Financial Statements, as amended.
HRK issued an unqualified opinion on EEOC's FY 2012 financial statements. In its Report on Internal Control, HRK noted two areas involving internal control and its operation that were considered to be significant deficiencies. These included the lack of sufficient controls over supporting documentation for personnel expenses and the lack of sufficient controls over financial reporting. In its Report on Compliance with Applicable Laws and Regulations, HRK noted no instances of non compliance with certain laws and regulations applicable to the agency.
In connection with the contract, OIG reviewed HRK's report and related documentation and inquired of its representatives. Our review, as differentiated from an audit in accordance with U.S. generally accepted government auditing standards, was not intended to enable us to express, and we do not express, opinions on EEOC's financial statements or conclusions about the effectiveness of internal controls or on whether EEOC's financial management systems substantially complied with FFMIA; or conclusions on compliance with laws and regulations. HRK is responsible for the attached auditor's report dated November 15, 2012 and the conclusions expressed in the report. However, OIG's review disclosed no instances where HRK did not comply, in all material respects, with generally accepted government auditing standards.
EEOC management was given the opportunity to review the draft report and to provide comments. Management comments are included in the report.
The Office of Management and Budget issued Circular Number A-50, Audit Follow Up, to ensure that corrective action on audit findings and recommendations proceed as rapidly as possible. EEOC Order 192.002, Audit Follow up Program, implements Circular Number A-50 and requires that for resolved recommendations, a corrective action work plan should be submitted within 30 days of the final evaluation report date describing specific tasks and completion dates necessary to implement audit recommendations. Circular Number A-50 requires prompt resolution and corrective action on audit recommendations. Resolutions should be made within six months of final report issuance.
cc: Claudia Withers
Independent Auditors' Report
U.S. Equal Employment Opportunity Commission
We have audited the accompanying consolidated balance sheets of the U.S. Equal Employment Opportunity Commission (EEOC), as of September 30, 2012 and 2011, and the related consolidated statements of net cost and changes in net position, and combined statements of budgetary resources, for the years then ended. These financial statements are the responsibility of EEOC management. Our responsibility is to express an opinion on these financial statements based on our audits.
We conducted our audits in accordance with auditing standards generally accepted in the United States of America, the standards applicable to financial audits contained in Government Auditing Standards, issued by the Comptroller General of the United States, and OMB Bulletin No. 07-04, Audit Requirements for Federal Financial Statements, as amended.
Those standards require that we plan and perform the audits to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion.
In our audits of the EEOC for fiscal years 2012 and 2011, we found
The following sections discuss in more detail (1) these conclusions, (2) our conclusions on Management's Discussion and Analysis and other supplementary information, and (3) our and management's responsibilities.
Opinion on the Financial Statements
In our opinion, the financial statements including the accompanying notes present fairly, in all material respects, the financial position of EEOC as of September 30, 2012 and 2011, and its net cost of operations, changes in net position, and budgetary resources for the years then ended, in conformity with accounting principles generally accepted in the United States of America.
Consideration of Internal Control
In planning and performing our audits, we considered EEOC's internal control over financial reporting and compliance. We did this in order to determine our audit procedures for the purpose of expressing our opinion on the financial statements and not to provide an opinion on internal control. We limited our internal control testing to those controls necessary to achieve the objectives described in OMB Bulletin No. 07-04, as amended. We did not test all internal controls relevant to the operating objectives as broadly defined by the Federal Managers' Financial Integrity Act of 1982. Providing an opinion on internal control was not the objective of our audit. Accordingly, we do not express an opinion on EEOC's internal control over financial reporting and compliance or on management's assertion on internal control included in Managements' Discussion and Analysis. However, for the controls we tested, we found no material weaknesses in internal control over financial reporting (including safeguarding of assets) and compliance.
A control deficiency exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis. A significant deficiency is a deficiency in internal control, or a combination of deficiencies, that adversely affects the entity's ability to initiate, authorize, record, process, or report financial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the entity's financial statements that is more than inconsequential will not be prevented or detected. A material weakness is a significant deficiency, or combination of significant deficiencies, that results in more than a remote likelihood that the design or operation of one or more internal controls will not allow management or employees, in the normal course of performing their duties, to promptly detect or prevent errors, fraud, or noncompliance in amounts that would be material to the financial statements. We consider the deficiencies described in Exhibit I to be a significant deficiency.
Our internal control work would not necessarily disclose all deficiencies in internal control that might be material weaknesses or other significant deficiencies.
We noted certain additional matters that we will report to management of EEOC in a separate letter.
Compliance with Applicable Laws and Regulations
The management of EEOC is responsible for complying with laws and regulations applicable to EEOC. As part of obtaining reasonable assurance about whether EEOC's financial statements are free of material misstatement, we performed tests of its compliance with selected provisions of laws and regulations including laws governing the use of budgetary authority and government-wide policies identified in OMB Bulletin No. 07-04, as amended, non-compliance with which could have a direct and material effect on the determination of consolidated and combined financial statements. Our tests disclosed no instances of noncompliance with laws and regulations which would be reportable under auditing standards generally accepted in the United States of America or OMB audit guidance.
We limited our tests of compliance to the provisions of laws and regulations referred to in the preceding paragraph. Providing an opinion on compliance with those provisions was not an objective of our audit. Accordingly, we do not express such an opinion.
Consistency of Other Information
Management's Discussion and Analysis (MD&A) is not a required part of the financial statements but is supplementary information required by the Federal Accounting Standards Advisory Board and OMB Circular A-136, Financial Reporting Requirements. We have applied certain limited procedures, which consisted principally of inquiries of management regarding the methods of measurement and presentation of the MD&A. However, we did not audit the information and accordingly, we express no opinion on it.
EEOC's management is responsible for (1) preparing the financial statements in conformity with accounting principles generally accepted in the United States of America, (2) establishing, maintaining, and assessing internal control to provide reasonable assurance that the broad control objectives of the Federal Managers' Financial Integrity Act are met, and (3) complying with applicable laws and regulations.
We are responsible for obtaining reasonable assurance about whether the financial statements are presented fairly, in all material respects, in conformity with accounting principles generally accepted in the United States of America. We are also responsible for (1) obtaining a sufficient understanding of internal control over financial reporting and compliance to plan the audit, (2) testing compliance with selected provisions of laws and regulations that have a direct and material effect on the financial statements and laws for which OMB audit guidance requires testing, and (3) performing limited procedures with respect to certain other information appearing in the Annual Financial Statement.
In order to fulfill these responsibilities, we
We did not evaluate all internal controls relevant to operating objectives as broadly defined by the Federal Managers' Financial Integrity Act, such as those controls relevant to preparing statistical reports and ensuring efficient operations. We limited our internal control testing to controls over financial reporting and compliance. Because of inherent limitations in internal control, misstatements due to error or fraud, losses, or noncompliance may nevertheless occur and not be detected. We also caution that projecting our evaluation to future periods is subject to the risk that controls may become inadequate because of changes in conditions or that the degree of compliance with controls may deteriorate. In addition, we caution that our internal control testing may not be sufficient for other purposes.
We did not test compliance with all laws and regulations applicable to EEOC. We limited our tests of compliance to selected provisions of laws and regulations that have a direct and material effect on the financial statements and those required by OMB audit guidance that we deemed applicable to the EEOC's financial statements for the fiscal year ended September 30, 2012. We caution that noncompliance may occur and not be detected by these tests and that such testing may not be sufficient for other purposes.
We performed our audits in accordance with auditing standards generally accepted in the United States of America and OMB audit guidance.
Our audits were conducted for the purpose of forming an opinion on the financial statements of EEOC taken as a whole. The other accompanying information included in this performance and accountability report is presented for purposes of additional analysis and is not a required part of the financial statements. Such information has not been subjected to the auditing procedures applied in the audit of the financial statements and, accordingly, we express no opinion on them.
This report is intended solely for the information and use of the management of the U.S. Equal Employment Opportunity Commission, the U.S. Office of Management and Budget, the U.S. Government Accountability Office, and the U.S. Congress and is not intended to be and should not be used by anyone other than these specified parties.
November 15, 2012
Harper, Rains, Knight & Company, P.A. • Certified Public Accountants •Consultants
One Hundred Concourse • 1052 Highland Colony Parkway, Suite 100 • Ridgeland, Mississippi 39157
Telephone 601.605.0722 • Facsimile 601.605.0733 • www.hrkcpa.com
The U.S. Equal Employment Opportunity Commission (EEOC) does not properly maintain supporting documentation for personnel expenses recorded in the general ledger. EEOC maintains personnel files for all employees to ensure that wages and elections for withholdings and benefits are consistent with the employee's intent. These files have minimum standards for accuracy, relevancy, necessity, timeliness, and completeness.
In FY 2012, we tested a sample of 78 employees' personnel expenses and supporting documentation maintained by EEOC in the employees' personnel files (eOPF) for the period of October 1, 2011 through June 30, 2012. Based on our testing, we identified the following exceptions:
These exceptions were caused by insufficient controls in place at EEOC to ensure proper and timely documentation is maintained in the eOPF. We identified similar exceptions in our audits from FY 2010 and FY 2011.
EEOC's failure to properly record and maintain official personnel records increases the risk for improper calculations of liabilities on the Balance Sheets and improper calculations of program costs on the Statements of Net Cost.
The Government Accountability Office's (GAO) GAO Standards for Internal Control in the Federal Government (Green Book) states: "Internal control and all transactions and other significant events need to be clearly documented, and the documentation should be readily available for examination. The documentation should appear in management directives, administrative policies, or operating manuals and may be in paper or electronic form. All documentation and records should be properly managed and maintained."
To address this issue, we recommend that EEOC update its controls over the maintenance of its official personnel files. Additionally, management should perform a thorough review of its employees' personnel files to ensure that documentation is current and complete.
Management's Response: Management concurs with the finding. As mentioned in last year's report, we partnered with the Interior Business Center (IBC) (DOI) to provide a means to have the actions taken in Employee Express by our employees which will allow them to flow automatically to their e-OPFs. This data feed went live June 2, 2011. The data feed contains all FEHB, FEHB Premium Conversion, TSP, and TSP Catch-up records since the first day of FEHB open season (11/8/10) through the live date. After this date, IBC would send the actions on a daily basis Monday through Friday. While this process is working efficiently, the lack of resources has been and still is an issue. The Benefits Assistant in charge of this function went out on maternity leave during last year (which was reported in our last audit response), returned and now has left the agency. In order to process daily actions from Employee Express (with some employees making changes on a daily basis) appropriate resources are required. However, we have found in the meantime, to ensure that our separating employees' e-OPFs are complete. We receive a report bi-weekly from IBC that contains Employee Express actions, which in turn we download and scan into their e-OPF prior to releasing them. In order to improve on the resource issue, OHR is committed to partner with the Veterans Administration's wounded veterans in order to secure a volunteer to work with us to begin to put a process in place and clear up the backlog.
Auditors' Response: FY 2013 audit procedures will determine whether the corrective actions have been implemented and are operating effectively.
In FY 2012, EEOC implemented the new Financial Cloud Solutions (FCS) accounting and reporting system to replace its legacy system Momentum. EEOC encountered implementation issues related to the new FCS system, including weaknesses identified in the conversion, the development of new reconciliation processes, and implementation of new complimentary user controls. As a result, the ability of management to perform their day-to-day procedures was significantly impacted. Specifically we noted the following issues:
Reconciliation of Data: EEOC identified differences between user reports/subledgers and the FCS general ledger; however no support was provided evidencing the reconciliations and the subsequent resolution of identified issues. Prompt resolution of differences is an essential component of financial data integrity, and its absence compromises the integrity of the financial reporting.
Complimentary User Controls: EEOC did not fully implement the complementary user controls identified in the SSAE 16 Type II report provided by its service provider. Implementation of all user controls is an essential component of EEOC's financial management control structure, and the absence of implementing complimentary user controls can compromise the integrity of the internal controls at EEOC's and EEOC's ability to rely on the SSAE 16 report.
Manual Adjustments: EEOC does not have controls in place to identify, review, and maintain documentation of manual adjustments entered by its service provider. Management review and acceptance of all manual adjustments is essential to management determining the appropriateness of transactions posted to the general ledger.
Policy and Procedure: EEOC did not update its standard operating procedures for each transaction cycle after implementation of its new accounting and reporting system, FCS. GAO Standards for Internal Control state "Internal control and all transactions and other significant events need to be clearly documented, and the documentation should be readily available for examination. The documentation should appear in management directives, administrative policies, or operating manuals and may be in paper or electronic form. All documentation and records should be properly managed and maintained.' Documentation of standard operating procedures is an essential component of internal control, the lack of documentation compromises the internal controls of EEOC.
To address these issues, we recommend EEOC (a) identify and update all policies and procedures impacted by the implementation of FCS, (b) document and monitor the implementation of all complimentary user control considerations, (c) implement stringent reconciliations and resolution procedures over financial reporting reconciliations of management reports/subledgers to FCS general ledger data, and (d) implement procedures over manual adjustments made by its service provider that meet the same rigor and documentation standards as internally generated manual adjustments.
Managements Response: EEOC will implement a review of the trial balance at least weekly to determine that the proprietary and budgetary accounts are in balance. For instance:
We agree with recommendation and will update the standard operating procedure (SOP) guides that affect the accounting in FCS. The Financial Operations Division will update the relevant SOPs.
EEOC is revising the JV standard operating procedures to include all items in the recommendation.
Auditors Response: FY 2013 audit procedures will determine whether the corrective actions have been implemented and are operating effectively.