Internal Audit of Grants and Contributions

PDF (609 KB)
Table of contents

Executive Summary

Background

Transfer payments are one of the Government of Canada's key instrments in meeting its broad policy objectives and priorities. Payments can be administered as either grants, which are unconditional transfers of funds to recipients or as contributions, which are subject to performance conditions specified in a funding agreement. Treasury Board's Policy and Directive on Transfer Payments identifies the roles and responsibilities and sets out clear guidelines for departments to manage their Grants and Contributions (G&Cs) Programs.

In 2016-17, the Public Safety Canada (PS) budget for G&Cs included in the audit scope was $318.3 million. Its G&Cs are administered by:

Audit Objective and Scope

The objective of this audit was to assess the adequacy, effectiveness and efficiency of G&Cs funding decisions and agreement administration processes (audit criteria can be found at Annex B).

The scope of the audit focused on the standard administration process phases from “the final funding decision” to “file closure” for G&Cs programs (G&Cs Administration Process Map is at Annex C). This includes relevant documentation in place from April 2016 to March 2017. The audit did not assess program design, assessments for funding requests as well as the Disaster Financial Assistance Arrangements program, the Community Tripartite Agreements under the First Nations Policing Program, and the National Disaster Mitigation Program.

Summary of Findings

Audit Opinion

Improvements are required (audit opinion assessment scale can be found in Annex A) to the grants and contributions agreement administration process, from “the final funding decision” to “file closure” for G&Cs programs (G&Cs Administration Process Map is at Annex C), to increase effectiveness and efficiency. While, the key controls for the G&Cs administration process, such as Sections 32, 33 and 34, are effective and comply with Treasury Board Policy and Directive; opportunities exist to strengthen controls in areas of governance, monitoring and reporting.

Statement of Conformance and Assurance

Sufficient and appropriate audit procedures were conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed upon with management. The opinion is applicable only to the entity examined and within the scope described herein. The evidence was gathered in compliance with the Treasury Board Policy and Directive on Internal Audit. The audit conforms to the Internal Auditing Standards for the Government of Canada, as supported by the results of the Quality Assurance and Improvement Program. The procedures used meet the professional standards of the Institute of Internal Auditors. The evidence gathered is sufficient to provide Senior Management with proof of the opinion derived from the internal audit.

Recommendations

  1. In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:
    • Assess varied departmental needs with respect to managing G&Cs; and,
    • Recommend any necessary modifications to the existing G&Cs program distribution across the department.
  2. In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:
    • Establish a clear and consistent G&Cs administration process framework that meets the expectations and expertise of the program areas;
    • Clarify the roles and responsibilities among G&Cs programs, CoE and Financial Operations;
    • Revise procedures that are communicated and accessible to all program staff;
    • Ensure that templates and tools are accessible to all program staff and “user friendly”; and,
    • Ensure that the use of PSIMS is enforced and accessible to all programs.
  3. The Assistant Deputy Minister, Corporate Management Branch, should revise the methodology to comply with Treasury Board's Policy on Transfer Payments by:
    • Aligning the PS Recipient Audit Directive with Treasury Board's Policy and Directive on Transfer Payments;
    • Ensuring a risk-based approach to identify recipient audits in the Three-Year Recipient Audit Plan; and,
    • Reviewing and annually updating the Three-Year Recipient Audit Plan.
  4. In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:
    • Assess the structure of G&Cs governance; and,
    • Identify the requirements for a senior management committee and establish realistic roles, responsibilities and duties that are outlined in terms of reference.
  5. In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should develop and implement a methodology and tracking system to report on service standards by:
    • Revisiting the service standards to align with changing government wide expectations and the revised Delegation of Financial Signing Authority for Public Safety; and,
    • Ensuring all programs consistently apply the methodology and use PSIMS to track service standards.

Management Response

The key actions to be taken by management to address the findings and recommendations and the associated timelines can be found in the 'Management Response and Action Plan' section of the report.

Audit Team Members

Gabrielle Duschner, A/Chief Audit and Evaluation Executive
Sonja Mitrovic, A/Director Internal Audit and Evaluation
Richard Hill, Consultant
Rahima Kanani, Internal Audit Project Leader
Sophie Carrier, Senior Auditor
Cathy Kwan, Auditor
Emilie Mayer, Student
Alyssa Brown, Student


1. Introduction

1.1 Background

Transfer payments are one of the Government of Canada's key instruments in furthering its broad policy objectives and priorities. Payments can be administered as either grants, which are unconditional transfers of funds to recipients or as contributions, which are subject to performance conditions specified in a funding agreement.

In 2006, Treasury Board commissioned an independent Blue Ribbon Panel (the Panel) to conduct a government-wide review of the administration of grants and contributions (G&Cs). The Panel's report included 32 recommendations aimed at simplifying administration practices while strengthening the Government's accountability and risk-based approach for managing G&Cs programs. The Panel's recommendations focused on four proposals:

The Government of Canada Action Plan to Reform the Administration of G&Cs Programs was developed to address the Panel's recommendations. Aligned with these recommendations, the 2012 Treasury Board Policy and Directive on Transfer Payments provide departments with detailed requirements to ensure that transfer payment programs are managed with integrity, transparency and accountability. Treasury Board is currently reviewing the Policy and the Directive as part of the Policy Reset.

In response to the Action Plan to Reform the Administration of G&Cs Programs and the 2012 Treasury Board Policy and Directive on Transfer Payments, Public Safety Canada (PS) made significant improvements to its management framework for grants and contributions. More specifically, PS implemented a number of initiatives including:

In 2016-17, the Public Safety Canada (PS) budget for G&Cs included in the audit scope was $318.3 million. Its G&Cs are administered by:

1.2 Audit Objective

The objective of this audit was to assess the adequacy, effectiveness and efficiency of grants and contributions (G&Cs) funding decisions and agreement administration processes (audit criteria can be found at Annex B).

1.3 Audit Scope and Methodology

The scope of the audit focused on the standard administration process phases from the “final funding decision” to “file closure” for G&Cs programs (G&Cs Administration Process Map is at Annex C). This includes key controls, such as Section 32 (Control of commitments), Section 33 (Requisitions), and Section 34 (Payment authority). The audit did not assess program design, assessment of funding requests as well as the National Disaster Mitigation Program, the Community Tripartite Agreements under the First Nations Policing Program, and the Disaster Financial Assistance Arrangements program.

During the conduct of the audit, the following methods were used:

1.4 Audit Opinion

Improvements are required (audit opinion assessment scale can be found in Annex A) to the grants and contributions agreement administration process, from “the final funding decision” to “file closure” for G&Cs programs (G&Cs Administration Process Map is at Annex C), to increase effectiveness and efficiency. While, the key controls for the G&Cs administration process, such as Sections 32, 33 and 34, are effective and comply with Treasury Board Policy and Directive; opportunities exist to strengthen controls in areas of governance, monitoring and reporting.

1.5 Statement of Conformance and Assurance

Sufficient and appropriate audit procedures were conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed upon with management. The opinion is applicable only to the entity examined and within the scope described herein. The evidence was gathered in compliance with the Treasury Board Policy and Directive on Internal Audit. The audit conforms to the Internal Auditing Standards for the Government of Canada, as supported by the results of the Quality Assurance and Improvement Program. The procedures used meet the professional standards of the Institute of Internal Auditors. The evidence gathered is sufficient to provide Senior Management with proof of the opinion derived from the internal audit.


2. Findings, Recommendations and Management Responses

2.1 There are opportunities for PS to increase efficiencies within the G&Cs administration process.

The Treasury Board Policy on Transfer Payments (Policy) sets out clear roles and responsibilities for Ministers and Deputy Ministers in the effective and efficient design, delivery and management of transfer payment programs. The Deputy Minister, as accounting officer under the Financial Administration Act, is accountable to the Minister and Parliament for fulfilling these responsibilities under the mandate of PS. The Treasury Board Directive on Transfer Payments (Directive) further expands on these responsibilities and provides operational expectations for departmental managers who are responsible for the management of transfer payments. This is important as the Deputy Minister relies on Senior Departmental Managers, individually and collectively, to provide assurance and ensure all these responsibilities and requirements are fulfilled.

PS G&Cs programs are managed by Portfolio Affairs and Communications Branch (PACB), Emergency Management and Programs Branch (EMPB), Community Safety and Countering Crime (CSCCB) and National Cyber and Security Branch (NCSB) across the department. Within the scope of the audit, EMPB administers 13 programs that represent 92.7% of the budget. CSCCB administers 9 programs which is 7% of the budget, whereas PACB and NCSB have 1 program each for 0.1% and 0.2%. (Charts below depict distribution of G&Cs across the department and by branch).

Image description

This pie chart entitled “Distribution of Funding by Branch for Fiscal Year 2016-17” is divided into four sections. The first section is the Emergency Management and Programs Branch, which had a distribution of funding of $294,954,988 (92.7% of the pie chart). The second section is the Community Safety and Countering Crime Branch, which had a distribution of funding of $22,421,096 (7.0% of the pie chart). The third section is the National and Cyber Security Branch, having a distribution of funding of $300,000 (0.1% of the pie chart). The last section is the Portfolio Affairs and Communications Branch, with a distribution of funding of $672,000 (0.2% of the pie chart).

Image description

This pie chart entitled “Distribution of Programs by Branch for Fiscal Year 2016-17” is divided into four sections. The first section is the Emergency Management and Programs Branch with 13 programs: First Nations Policing Program, National Crime Prevention Strategy, Response & Recovery Lac Mégantic, Communities at Risk: Security Infrastructure Program, Countering Radicalization to Violence, International Association of Fire Fighters Canada, Search and Rescue New Initiative Fund, Search and Rescue Volunteer Association of Canada, Heavy Urban Search and Rescue Program, Workers Compensation, International COSPAS-SARSAT Secretariat Contribution Program, Red Cross, and, Opioids Emergency Response. The second section is the Community Safety and Countering Crime Branch, with 9 programs: Aboriginal Community Safety Development Contribution Program, Biology Casework Analysis Contribution Program, Contribution Program to Combat Serious and Organized Crime, Contribution Program to Combat Child Sexual Exploitation and Human Trafficking, Major International Events Security Cost Framework, Nation's Capital Extraordinary Policing Costs Program, Moncton Memorial Grant, National Flagging System, and, Sustaining a Funding Program for National Voluntary Organizations. The third section is the National and Cyber Security Branch with one program, Cyber Security Cooperation Program. The last section is the Portfolio Affairs and Communications Branch with one program, Policy Development Contribution Program.


According to the CoE internal webpage, its role is to provide guidance to program directors on the delivery of transfer payments, develop templates, tools, and guidelines for employees who work directly in the administration of transfer programs, to ensure that the departmental G&Cs administration process comply with Treasury Board Transfer Payment Policy and Directive, and to review contribution agreements requiring Delegated Financial Approval of the DM or Minister.

In April 2012, PS developed a Transfer Payment Management Framework to establish the management of transfer payments, including roles, responsibilities and accountabilities. In our review of this Framework, we found that it was closely aligned to both the TB Policy and Directive and responsibilities and accountabilities were defined. However, the Framework has not been updated or revised since 2012 and therefore does not reflect organizational changes owing to the 2014 departmental realignment.

During the 2014 realignment, the bigger programs such as FNPP and NCPS were consolidated under the EMPB Program Directorate; while the rest remained with the policy areas. Although this reorganization alleviated some pressures, different approaches continued to be followed for the administration of G&Cs programs.

To address the large volume of agreements and transactions, EMPB has a G&Cs administration unit, which acts as a hub to oversee and provide guidance to its program officers. CSCCB, on the other hand, has staff dedicated to administer its larger G&Cs programs, while its smaller programs are managed by policy officers. PACB and NCSB, that have one program each, do not have G&Cs expertise; therefore, they rely on CoE support for the administration of their programs. That said, we found that programs have different expectations of the CoE.

Training for G&Cs is provided by the CoE to support managers in delivering their programs in an efficient and consistent manner. Seven formal training sessions were held from January to April 2016 and additional sessions took place in 2017. However, training is neither mandatory nor tracked.

With regard to new guidance and templates, changes are communicated to Directors General and Directors only and do not always reach program officers. As a result, some interviewees stated that they were not notified of new templates and were required to resubmit their request which causes delays.

In April 2016, the Public Safety Information Management System (PSIMS) became the department's mandatory system to manage G&Cs financial and non-financial information. It has been designed to track tombstone agreement and recipient risk information, key documents and financial information.

During our review, we noted inconsistencies in data quality and data completeness within PSIMS, such as inaccurate or missing dates, financial information, and cash flow and/or activity reports. We found that 23 out of 25 agreements (92%) reviewed lacked PSIMS data quality and/or data completeness. To mitigate the lack of data completeness in PSIMS, programs and the CoE use manual tracking of file progress through checklists, spreadsheets and personal notes.

Furthermore, some interviewees pointed to the following PSIMS issues:

  1. While the use of PSIMS is mandatory, it is not being used throughout the department. The CoE does not have the authority to enforce its use.
  2. While training is available, there are still program officers that are not well-versed on PSIMS' full use and purpose and as a result may not perform the appropriate level of quality assurance. In addition, PSIMS is not updated to include the data corrected during reporting.
  3. EMPB uses PSIMS to develop a departmental program tracking report. However, owing to the lack of data quality across all programs, manual validation is required in some cases, which can increase EMPB's time to complete its analysis..
  4. Due to slow internet connections, regional staff have difficulty accessing PSIMS.

Equally, interviewees highlighted PSIMS' potential:

  1. Data quality could be improved by introducing system business rules as part of PSIMS improvements.
  2. Some program officers see the value of PSIMS for performance reporting which has not yet been fully implemented across the department.

The varied expertise of administrators of G&Cs programs dispersed across the department has contributed to the lack of consistency of G&Cs administration in terms of roles and responsibilities, tools and training, and the use of PSIMS. This presents a risk of inefficiency in the management of G&Cs.

Recommendation 1:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

Recommendation 2:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

2.2 While generally effective, improvements can be made to G&Cs monitoring process.

Key controls examined within the scope of this audit were: (1) Section 32, including CFO review on the Recommendations for Project Approval Form (RPAF), and DM or Ministerial approval for contribution agreements that are above $500,000 and grant agreements over $100,000; (2) funding agreement signature; (3) CoE review of initial and first payment of the fiscal year; (4) Section 34; and, (5) Section 33 (detailed results by Branch in Annex D).

  1. Section 32 and DM/Ministerial approval: The audit found that the project approval forms for all 25 agreements were signed by the Minister or an appropriate delegate. For contribution agreements valued over $500,000 and grant agreements valued over $100,000, a CFO review is required prior to the DM or Minister sign off. During our review, we found that, although all 16 approval forms were signed by the DM or Minister, 5 out of 16 forms did not have evidence of CFO review.
  2. Funding Agreement Signature: 25 out of 25 agreements were found to be signed by the appropriate delegate.
  3. CoE review of initial and first payment: The audit examined a total of 60 payments of which 25 were initial or first payment of the year. All 25 were reviewed by the CoE, which identified errors in 7. The types of errors were: payments that exceeded amounts according to the Risk Management Directive; insufficient payment holdbacks; missing information on the payment documentation; and unclear payment schedule in the agreement.
  4. Section 34: All 25 initial/first payments, 30 subsequent and 5 final payments were signed according to the Delegation of Financial Signing Authority (DFSA). However, for three of the 60 payments, Section 34 was dated prior to the cash flow sign off.
  5. Section 33: All files reviewed were signed by the delegated authority.

In addition to its role in providing guidance to programs, the CoE also has monitoring responsibilities at the departmental level. This includes ensuring compliance with the departmental approach to recipient risk management, developing, maintaining and reporting on transfer payment service standards, and providing oversight to the recipient audit process. Recipient audits are independent assessments that provide assurance on a recipient's program delivery in accordance with its funding agreement.. PS has a Recipient Audit Directive which includes governance, roles and responsibilities, and a recipient audit process. The key groups involved in this process are:

  1. Program managers who are responsible to ensure that their programs have a recipient audit plan which is conducted by a qualified auditor and who develop management action plans with recipients in response to audit findings, and ensure action plans are addressed. 
  2. The CoE, which coordinates the development of the Three-Year Departmental Recipient Audit Plan, provides oversight to the recipient audit process, including the preparation of a Departmental Management Action Plan, and prepares a departmental trends report for the GCDGC.
  3. The GCDGC reviews and approves the Departmental Recipient Audit Plan, Departmental Management Action Plan and Departmental Trends Report which are taken from recipient audits and Recipient Audit Management Action Plans.

The Three-Year Recipient Audit Plan is developed based on recommendations from program managers according to the following three methods:

  1. A risk-based selection that considers the recipient risk profile;
  2. A directed selection, which derives materiality and other indicators in the funding agreement, program services and activities; and
  3. A random selection, which uses an algorithm implemented in PS Information Management System (PSIMS).

The last approved Three-Year Recipient Audit Plan covered the period of 2015-16 to 2017-18. According to this Plan, 11 recipient audits for 2016-17 were identified. Treasury Board's Policy on Transfer Payments requires the recipient audit plan to be developed and implemented using a risk-based approach and that audits be conducted by qualified independent auditors. While we found that only 1 out of 11 recipient audits were identified using a risk-based selection method, 7 audits undertaken in 2016-17 met the Policy and Directive requirement to use qualified independent auditors. Management action plans were developed to address audit recommendations.

The Three-Year Recipient Audit Plan for 2015-16 to 2017-18 was neither reviewed nor updated by the CoE. Moreover, the CoE has not completed the Departmental Management Action Plan or the Departmental Trends Report for recipient audits as required by the PS Recipient Audit Directive.

Overall, the key controls for the G&Cs administration process, such as Sections 32, 33 and 34, are effective. While G&Cs monitoring practices are in place, such as a Three-Year Recipient Audit Plan. Improvement is required to establish an effective methodology for the development and oversight of recipient audits.

Recommendation 3:
The Assistant Deputy Minister, Corporate Management Branch, should revise the methodology to comply with Treasury Board's Policy on Transfer Payments by:

2.3 The established governance structure is not functioning as intended.

An adequate governance process ensures accountability, effectiveness, sound management, and adherence to public service values. It also integrates and aligns priorities, plans, accountabilities and risk management to ensure that internal management functions support and enable the performance of programs and services (Treasury Board Secretariat – Management Accountability Framework).

At PS, the GCDGC was established to provide leadership and act as an advisory and oversight body for grants and contributions initiatives. Its terms of reference, which were last updated in 2015, calls for the committee to meet every two months and to provide quarterly updates to senior management.

Responsibilities and duties of the committee are:

During the scope of the audit, the GCDGC was expected to meet six times. However, our document reviews of records of decisions (RODs) demonstrated that only three meetings were held. Furthermore, according to the information contained in the RODs, the committee did not discuss all the required topics to fulfill their duties as stated in the terms of reference, such as: leadership in monitoring and reporting of G&Cs; coordination of recipient audits; and set direction and requirements for the implementation of PSIMS. We were informed that in the past the committee approved internal directives and guidelines; however, our observations demonstrated that during the scope of the audit the committee was viewed as an information sharing forum.

PS has a Directive on G&Cs Project/Agreement Level Risk Management to ensure a consistent risk identification, assessment and applied mitigation strategy. The G&Cs agreement risk assessment is documented in PSIMS. According to our review, we found that risk information was available for all 25 agreements sampled. Furthermore, for the scope of the audit, we expected to find 45 activity reports related to the selected agreements. We noted that for 8 out of 45 reports, PSIMS had either inaccurate or incomplete information.

For Fiscal Year 2016/17, DMC met 22 times and received four updates on the departmental financial situation that included Vote 5 (G&Cs budget). The audit team, however, did not find evidence on updates related to G&Cs administration process, performance or risk information.

The CoE indicated in an interview that they had undertaken, through consultation with programs, an environmental analysis on Public Safety G&Cs. In addition, individual branches in the department are also working on G&Cs administration process improvements. For example, the EMPB reported to the DAC in June 2017 on the status of its G&Cs process improvement efforts. The work conducted by the two units has resulted in the establishment of a joint Memorandum of Understanding to increase efficiency and avoid duplication.

Although PS has an established governance structure for its G&Cs, the audit found that it did not meet its oversight responsibilities, such as monitoring and reporting on the implementation of standard processes for the administration of G&Cs.

Recommendation 4:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

2.4 Service standards are established and tracked, yet there are inaccuracies in the tracking methodology.

Treasury Board's Policy on Transfer Payments requires Deputy Ministers to establish and make public reasonable and practical departmental service standards for transfer payment programs. PS has established three service standards:

  1. Acknowledge receipt of a funding request (15 business days);
  2. Communicate a funding decision after a completed application is received (52 weeks); and,
  3. Issue a payment following receipt of all required documentation (30 business days).

In October 2016, PS published its service standard results for 2015-16 on its public website. The service standard results for 2016-17 are still in draft form. 

During the audit, we assessed the third service standard (issue a payment following receipt of all required documentation) for quality and completeness. The compliance target was to issue a payment within 30 business days, 80% of the time.

Reporting results for the service standards are generated through PSIMS which, according to its User Guide, calculates the number of business days between the receipt of the recipient payment request and the payment release dates. However, according to our review of PSIMS information, we noted missing or inaccurate receipt and release dates. For this reason, we assessed the accounts payable files for 25 agreements sampled and found that 46 of 60 payments reviewed met the standard (76.7%). In addition, through interviews and file review, audit found that there is no clear and consistent methodology to track the service standards.

There is a risk as PSIMS is not consistently used across the department and it lacks business rules to ensure accuracy of information. To address this issue, the CoE is required to follow-up with program areas to correct the data for reporting purposes. Furthermore, the audit did not find historical data that would enable the assessment of the elapsed time between the receipt of the payment request from the recipient and when the service standard was applied.

Recommendation 5:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should develop and implement a methodology and tracking system to report on service standards by:

2.5 Overall Conclusion

Public Safety has a defined Grants and Contributions agreement administration process that aligns with the Treasury Board Policy and Directive on Transfer Payments and includes effective key controls such as Section 32, 33 and 34. However, improvements are required to increase efficiency of the administration process, clarify roles, responsibilities and accountabilities and address weaknesses in the governance, monitoring, and tracking of service standards. 

2.6 Management Response and Action Plan

Recommendations

Actions Planned

Target
Completion
Date

Recommendation #1:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

  • Assess varied departmental needs with respect to managing G&Cs; and,
  • Recommend any necessary modifications to the existing G&Cs program distribution across the department.
The Comptroller’s Directorate will undertake a review and assessment of the current PS roles and responsibilities related to the management of G&Cs programs within Public Safety. The findings and any resulting recommendations will be presented to DMC. June 2018

Recommendation #2:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

  • Establish a clear and consistent G&Cs administration process that meets the expectations and expertise of the program areas;
  • Clarify the roles and responsibilities among G&Cs programs, CoE and Financial Operations;
  • Revise procedures that are communicated and accessible to all program staff;
  • Ensure that templates and tools are accessible to all program staff and “user friendly”; and,
  • Ensure that the use of PSIMS is enforced and accessible to all programs.
The Comptroller’s Directorate will undertake a review and assessment of the current PS roles and responsibilities related to the management of G&Cs programs within Public Safety. The findings and any resulting recommendations will be presented to DMC. June 2018
The Comptroller’s Directorate will review and revise, as required, the G&Cs administration process framework related to Public Safety programs. The Framework includes PS G&Cs directives, procedures, tools and templates and service standards that will comply with Treasury Board’s Policy on Transfer Payments. December 2018

Recommendation #3:
The Assistant Deputy Minister, Corporate Management Branch, should revise the methodology to comply with Treasury Board's Policy on Transfer Payments by:

  • Aligning the PS Recipient Audit Directive with Treasury Board's Policy and Directive on Transfer Payments;
  • Ensuring a risk-based approach to identify recipient audits in the Three-Year Recipient Audit Plan; and,
  • Reviewing and annually updating the Three-Year Recipient Audit Plan.
The Comptroller’s Directorate will review and revise, as required, the G&Cs administration process framework related to Public Safety programs. The Framework includes PS G&Cs directives, procedures, tools and templates and service standards that will comply with Treasury Board’s Policy on Transfer Payments. December 2018
The CoE will annually review the Three Year Recipient Audit Plan. December 2018 and annually thereafter

Recommendation #4:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should:

  • Assess the structure of G&Cs governance; and,
  • Identify the requirements for a senior management committee and establish realistic roles, responsibilities and duties that are outlined in terms of reference.
CMB will consult with implicated branches to assess the structure of G&C Governance and provide recommendations for approval at DMC. February 2019

Recommendation #5:
In collaboration with all branches, the Assistant Deputy Minister, Corporate Management Branch, should develop and implement a methodology and tracking system to report on service standards by:

  • Revisiting the service standards to align with changing government wide expectations and the revised Delegation of Financial Signing Authority for Public Safety; and,
  • Ensuring all programs consistently apply the methodology and use PSIMS to track service standards.
The Comptroller’s Directorate will review and revise, as required, the G&Cs administration process framework related to Public Safety programs. The Framework includes PS G&Cs directives, procedures, tools and templates and service standards that will comply with Treasury Board’s Policy on Transfer Payments. December 2018 and annually thereafter

Annex A: Internal Audit and Evaluation Directorate Opinion Scale

The following is the Internal Audit and Evaluation Directorate audit opinion scale by which the significance of the audit collective findings and conclusions are assessed.

Audit Opinion Ranking

Well Controlled
  • Well managed, no material weaknesses noted; and
  • Effective
Minor Improvement
  • Well managed, but minor improvements are needed; and
  • Effective
Improvements Required

Improvements are required (at least one of the following two criteria are met):

  • control weaknesses, but exposure is limited because likelihood of the risk occurring is not high;
  • control weaknesses, but exposure is limited because impact of the risk is not high.
Significant Improvements Required

Significant improvements are required (at least one of the following two criteria are met):

  • Financial adjustments material to line item or area or to the Department;
  • Control deficiencies represent serious exposure;
  • Major deficiencies in overall control structure.

Annex B: Audit Criteria

Criterion 1:
An effective governance structure (i.e. established governance, defined terms of references, and documented records of decisions) is in place to oversee G&Cs management.
Criterion 2:
Roles, responsibilities and accountabilities for G&Cs administration are in line with TB and PS policies and directives are clearly documented, communicated, and understood.
Criterion 3:
Training, tools, and guidance to support the administration of G&Cs are available, accessible, communicated and applied.
Criterion 4:
An effective and efficient G&Cs administration process (i.e. adequate G&Cs administration process without duplication, and effective administration controls) is in place and established in compliance with TB requirements.

Annex C: Grants and Contributions Administration Process Map

Image description

This process flowchart chart entitled “Grants and Contributions Administration Process Map – From Final Funding Decision to File Closure” is divided by 5 columns.

The first column is titled ”Final Decision”. The first column has 7 steps: 4 process steps, 2 decision steps, and 1 step demonstrating the end of the process.

  1. This is a process step where the Sub-delegated manager reviews the Recommendation for Project Approval Form. This is the responsibility of the Program Area.
    1. For agreement value under $500K, the next decision step is the funding proposal approval - section 32.
    2. For agreement value over $500K, the next process step is reviewing the Recommendation for Project Approval Form for Chief Financial Officer Signoff, which is the responsibility of the Grants and Contributions Centre of Expertise.
      1. This decision step requires the Chief Financial Officer to sign off on the Recommendation for Project Approval Form, which is a Finance responsibility.
      2. This process step is the Recommendation for Project Approval Form sent to the Deputy Minister for approval. This is the responsibility of the Grants and Contributions Centre of Expertise.
      3. This decision step is the Funding proposal approval - section 32.
  2. Once section 32 is completed for either amounts under $500K or amounts $500K and over, the program area is responsible for the process step of advising the applicant of funding decision within 52 weeks of receipt of application.
    1. If the application is not approved, the process ends.
    2. If the application is approved, the process goes into the next column.

The second column is titled “Funding Agreement Signature”. This column has 2 steps: 1 decision step and 1 process step.

  1. Once an application is approved, the next decision step is the funding agreement signature. This is the responsibility of the Program Area.
  2. This is a document step where the funding agreement is signed by sub-delegated manager and recipient, which is the responsibility of the Program Area. Then, the process goes into the next column.

The third column is titled “Grants and Contributions Payment Administration”. This column has 10 steps: 7 process steps, 1 document step and 2 decision steps.

  1. Once the funding agreement is signed, the recipient is responsible for the process step of requesting the payment and providing cash flow statements and activity reports (according to schedule).
  2. This process step is receiving and analyzing cash flow statements and activity reports and monitor compliance to terms and conditions of the funding agreement. This is the responsibility of the Program Area.
  3. This document step is the payment request, which is the responsibility of the Program Area.
  4. This process step requires the sub-delegated manager to review the payment request. This is the responsibility of the Program Area.
  5. This decision step is the certification authorization - section 34 completed by the Program Area.
  6. If the payment is the initial payment, or the first payment of the year, these process steps involve the:
    1. Review of the payment request which is the responsibility of the Grants and Contributions Centre of Expertise.
    2. Review of the financial aspects of the payment request, which is the responsibility of Finance.
  7. If the payment is not the initial payment or the first payment of the year, Finance is responsible for completing the process step of reviewing financial aspects of the payment request.
  8. This decision step of the payment authorization - section 33 is the responsibility of Finance.
  9. This process step requires that the payment is issued within 30 days of the payment request, which is the responsibility of Finance. Then, the process goes into the next column.

The fourth column is titled ”Recipient Audits (this step is conducted in an “if applicable” basis)”. This column has 11 steps: 7 process steps, 2 document steps, and 2 decision steps.

  1. The Program Area is responsible for the process step requiring the program manager to recommend recipients for inclusion in Departmental Recipient Audit Plan.
  2. This document step is the Departmental Recipient Audit Plan. This is the responsibility of the Grants and Contributions Centre of Expertise.
  3. The Grants and Contributions Centre of Expertise is responsible for the process step of reviewing and presenting the Recipient Audit Plan at the Grants and Contributions Director General's Committee for approval.
  4. This decision step is the Grants and Contributions Director General's Committee Recipient Audit Plan approval.
  5. The Program Area is responsible for overseeing the process step involving the conduct of recipient audits.
  6. This process step involves the review of audit reports and development/monitoring of action plans. This is the responsibility of the Program Area.
  7. The Grants and Contributions Centre of Expertise is responsible for the process step of analyzing recipient audit reports to look for trends, program deficiencies or efficiencies, and possible future program redesign issues.
  8. This document step is the Departmental Action Plan and Summary Report, which is the responsibility of the Grants and Contributions Centre of Expertise.
  9. This process step requires presenting recipient audit reports, action plans, departmental action plan and summary report to the Grants and Contributions Director General's Committee for review and approval. This is the responsibility of the Grants and Contributions Centre of Expertise.
  10. This decision step is the Grants and Contributions Director General's Committee approval.
  11. This process step requires presenting results of recipient audits to Departmental Management Committee and Departmental Audit Committee. This is the responsibility of the Grants and Contributions Centre of Expertise. Then, the process goes into the next column.

The last column is titled “File Closure”. This column has 10 steps: 7 process steps, 1 document step, and 2 decision steps.

  1. The recipient is responsible for the process step of requesting the final payment and providing cash flow statements and activity reports.
  2. This process step is receiving and analyzing cash flow statements and activity reports. This is the responsibility of the Program Area.
  3. The Program Area is responsible for the process step of requesting additional deliverables and/or recoveries from recipient, based on results of recipient audit, as required.
  4. The Program Area is responsible for completing the document step of preparing the final payment request.
  5. This process step requires the sub-delegated manager to review payment request. This is the responsibility of the Program Area.
  6. The Program Area is responsible for the decision step of the Certification authorization - section 34.
  7. This process step requires the review of the payment request, which is the responsibility of the Grants and Contributions Centre of Expertise.
  8. Finance is responsible for completing the process step of reviewing financial aspects of the payment request.
  9. Finance is responsible for completing the decision step of the Payment authorization - section 33.

Finance is responsible for ensuring the process step requiring that the payment be issued within 30 days of the payment request.


Annex D: Detailed Results of Key Tests by Branch

Key Tests

Total

Contributions

Grants

EMPB

CSCCB

NCSB

EMPB

CSCCB

NCSB

CFO Review

16

10/10

1/3

N/A

0/1

0/2

N/A

Section 32

25

14/15

4/4

1/2

1/1

3/3

N/A

Funding Agreement Signed (DFSA)

25

15/15

4/4

2/2

1/1

3/3

N/A

CoE QA Review

25

13/15

3/4

1/2

0/1

1/3

N/A

Section 34 Initial/First Payment

25

15/15

3/4

2/2

1/1

3/3

N/A

Section 34 Subsequent Payment

30

26/27

1/1

N/A

N/A

2/2

N/A

Section 34 Final Payment

5

N/A

1/1

1/2

N/A

2/2

N/A

Section 33

60

42/42

6/6

4/4

1/1

7/7

N/A

Recipient audits conducted as per the plan

11

3/7

1/3

0/1

N/A

N/A

N/A

Risk-based recipient audits conducted based on total identified in the plan

7

1/6

0/1

N/A

N/A

N/A

N/A

Additional recipient audits conducted

3

3/3

N/A

N/A

N/A

N/A

N/A

Activity reports

45

28/33

3/5

4/4

N/A

2/3

N/A

Service standards

60

31/42

5/6

2/4

1/1

7/7

N/A

PSIMS Data Quality

25

2/15

0/4

0/2

0/1

0/3

N/A

Date modified: