Maintaining Internal Controls – A Quick Guide

Don’t Lose Internal Controls

Did you know that the Federal government awards nearly $600 billion annually in federal grants? That is a lot of money that the Federal government trusts you, the grant recipient. Federal awarding agencies need assurance that the funds they are giving you will be well spent, avoiding fraud, waste, abuse, or mismanagement. One part of managing your federal award is ensuring that your organization has strong internal controls in place. We are sure that you have reviewed all of your organization’s policies and procedures until you are blue in the face. But the question you should ask yourself is, does my organization have adequate internal controls in place? Emphasizing effective internal controls in your organization could prevent fraud, waste, abuse, and mismanagement of federal funds.

What Are Internal Controls?

Internal controls are processes designed and implemented to provide reasonable assurance regarding the achievement of objectives in the following categories:

  • Effectiveness and efficiency of operations
  • Reliability of reporting for internal and external use
  • Compliance with applicable laws and regulations

What Are My Requirements?

As a Federal grant recipient, you must comply with 2 CFR 200.303-Internal Controls. Along with other requirements, 2 CFR 200.303 specifies an organization must follow the guidance outlined in the Standards for Internal Control in the Federal Governmentcommonly known as the Green Book, issued by the Comptroller General of the United States, or the Internal Control Integrated Framework, published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). COSO is dedicated to helping organizations improve performance by developing thought leadership, enhancing internal control, risk management, governance, and fraud deterrence.  The standards in the Green Book are organized by the five components of internal control, shown in Figure 1.


How Does This Apply to Your Grant?

All recipients of federal funds have a responsibility to maintain adequate internal controls. The following best practices are great examples of ways to safeguard your organization from fraud, waste, abuse, and mismanagement and ensure effective operations, reliable reporting, and compliance with grant terms.

Best Practices

  1. Separation of duties:

    Establishes a breakdown of duties so that no one person can single-handedly conduct the entire procedure in a transaction. This separation ensures a check and balance system. Assigned responsibilities should be documented appropriately and reviewed periodically. An example of time and effort recording would be:

  2. Policies of procedures:

    Written policies and procedures should be made available to personnel and describe processes for planning, organizing, directing, controlling, and reporting on organizational operations.

  3. Documentation:

    Ensures detailed, accurate, and sufficient information is recorded and retained to support and corroborate program transactions.

  4. Authorization:

    Establishes transactions that should be reviewed and authorized before execution. An example would be:

    1. Capital expenditures and other purchases—$5,000 can only be carried out with written authorization from the program’s executive director.
  5. Asset Safeguarding:

    Physical assets susceptible to misappropriation or misuse, such as cash and fixed assets, are properly secured and accessible only to authorized personnel. An example of using cash receipts:

    1. Cash receipts, including cash, checks, and credit card revenue, are held in a lockbox and deposited regularly.
  6. Reconciliations:

    Accounting reconciliations corroborate that recorded transactions are accurate and provide the most current information for reporting. Physical reconciliations ensure assets purchased with program funds are being properly utilized. An example from accounting:

    1. Reconcile bank statement amounts to current cash balances for any unexplained discrepancies.

Just remember, it is okay to be a control freak when it comes to effective internal controls. Internal controls extend far beyond preventing fraud, waste, abuse, and mismanagement. Internal controls provide a structure of accountability and promote excellence in operations.