Office of Management and Budget | Print this document |
OMB BULLETIN NO. 98-08 TO THE HEADS AND INSPECTORS GENERAL OF EXECUTIVE DEPARTMENTS AND ESTABLISHMENTS SUBJECT: Audit Requirements for Federal Financial Statements
1. Purpose. This Bulletin, which includes an Attachment and Appendices A through H, establishes minimum requirements for audits of Federal financial statements. The Bulletin is issued under the authority of the Budget and Accounting Act of 1921, as amended, and the Budget and Accounting Procedures Act of 1950, as amended. It implements the audit provisions of the Chief Financial Officers (CFOs) Act of 1990 (P.L. 101-576), as amended, the Government Management Reform Act (GMRA) of 1994 (P.L. 103-356), and the Federal Financial Management Improvement Act of 1996 (P.L. 104-208). The requirements of this Bulletin are set forth in the Attachment. 2. Applicability. The provisions of the Bulletin apply to audits of financial statements of executive departments and agencies and certain components of these agencies, listed in Appendices A and B, respectively. 3. Effective Date. The provisions of this Bulletin are effective for audits of financial statements for fiscal years ending on or after September 30, 1998. Audit reports shall be submitted to the agency head in sufficient time to enable the agency head to meet the due date for submitting the audited financial statement under GMRA, no later than March 1 following the end of the fiscal year for which the financial statements were prepared. 4. Inquiries. Further information concerning this Bulletin may be obtained by contacting the Office of Management and Budget (OMB), Office of Federal Financial Management, Washington, DC 20503, telephone (202) 395-3993. 5. Copies.
Individual copies of this Bulletin may be obtained from the Executive
Office of the President, Publications Office at (202) 395-7332,
and from the OMB home page on the Internet at /OMB.
Jacob J. Lew Attachment OMB Bulletin No. 98-08 ATTACHMENT AUDITS OF FEDERAL FINANCIAL STATEMENTS 1.BACKGROUND. The Government Management Reform Act (GMRA) of 1994 amended the requirements of the Chief Financial Officers (CFOs) Act of 1990 by requiring, among other things, the annual preparation and audit of organizationwide financial statements of 24 executive departments and agencies (Appendix A). The GMRA also requires audited financial statements of components of executive departments and agencies designated by the Director of the Office of Management and Budget (OMB), which are identified in Appendix B. In addition, the Federal Financial Management Improvement Act (FFMIA) of 1996 requires, among other things, that the report on these audits state whether the agency financial management systems comply substantially with Federal financial management systems requirements, applicable Federal accounting standards, and the U.S. Government Standard General Ledger at the transaction level. 2. DEFINITIONS. For
the purposes of this Bulletin, the following definitions apply:
c. "Federal accounting standards" are those standards included in the hierarchy of Federal accounting standards described in paragraph 5 of this Bulletin. d. "Federal financial management systems requirements" are those requirements described in OMB Circular A-127, "Financial Management Systems." e. Government Auditing Standards are those standards issued by the Comptroller General of the United States. f. "Independent auditor" means an auditor who meets the independence standards specified in the Government Auditing Standards. g. "Internal control," as it relates to the Principal Statements and Required Supplementary Stewardship Information, is a process, effected by the agency's management and other personnel, designed to provide reasonable assurance that the following objectives are met: (2) Compliance with applicable laws and regulations - transactions are executed in accordance with: (a) laws governing the use of budget authority and other laws and regulations that could have a direct and material effect on the Principal Statements or Required Supplementary Stewardship Information, and (b) any other laws, regulations, and governmentwide policies identified by OMB in Appendix C of this Bulletin; and (3) Reliability of performance reporting - transactions and other data that support reported performance measures are properly recorded, processed, and summarized to permit the preparation of performance information in accordance with criteria stated by management. i. "Material weaknesses in internal control" are reportable conditions in which the design or operation of the internal control does not reduce to a relatively low level the risk that errors, fraud or noncompliance in amounts that would be material in relation to the Principal Statements or Required Supplementary Stewardship Information being audited or material to a performance measure or aggregation of related performance measures may occur and not be detected within a timely period by employees in the normal course of performing their assigned functions. The auditor shall use this definition of material weaknesses to report on an entity's internal control in accordance with the requirements of Government Auditing Standards and this Bulletin rather than the definition of material weaknesses used by management to prepare an agency's Federal Managers' Financial Integrity Act (FMFIA) of 1982 report. j. "Overview of the Reporting Entity" means a brief narrative overview, prepared by management, also called Management's Discussion and Analysis (MD&A), which describes the reporting entity and its mission, activities, program and financial results, and financial condition. OMB's Form and Content Bulletin further defines the "Overview of the Reporting Entity." k. "Reportable conditions" are matters coming to the auditor's attention that, in the auditor's judgment, should be communicated because they represent significant deficiencies in the design or operation of internal control, that could adversely affect the organization's ability to meet the objectives in paragraph 2.g. of this Bulletin. l. "Reporting Entity" means one of the executive departments and agencies and components of such departments and agencies listed in Appendices A and B, or an agency, bureau, or other organization that represents a meaningful unit for program management, for which a financial statement is prepared, and for which management chose to have an audit performed in accordance with this Bulletin. OMB's Form and Content Bulletin further defines "Reporting Entity." m. "United States Government Standard General Ledger (SGL)" means the uniform chart of accounts prescribed by the Department of the Treasury in its Treasury Financial Manual. 3. FREQUENCY OF AUDIT. Audits shall be performed annually. 4. RESPONSIBILITY FOR AUDIT. For purposes of this Bulletin, the following responsibilities apply: a. For the 24 executive departments and agencies and selected components of such departments and agencies listed in Appendices A and B, the audits of financial statements shall be performed by the IG of the executive department or agency or by an independent auditor as determined by the IG. b. GMRA provides that, in lieu of an audit otherwise required, the Comptroller General of the United States may, at his or her discretion and following consultation with the IG, perform the audit. 5. ACCOUNTING PRINCIPLES AND STANDARDS. The Federal Accounting Standards Advisory Board (FASAB) was established by the Secretary of the Treasury, the Director of OMB, and the Comptroller General (the Principals) to recommend Federal accounting standards to the Principals. Specific standards agreed upon by the Principals are issued by the Director of OMB and the Comptroller General as Statements of Federal Financial Accounting Standards (SFFASs). Federal agencies are required to follow these standards in the preparation of financial statements pursuant to GMRA. Recognizing that the SFFASs may not explicitly address all transactions of departments and agencies, the Principals adopted the following hierarchy of Federal accounting standards, which constitutes generally accepted accounting principles for the Federal Government: a. Individual standards (SFFASs) agreed to by the Director of OMB, the Comptroller General, and the Secretary of the Treasury and published by OMB and the General Accounting Office. b. Interpretations related to the SFFASs issued by OMB in accordance with the procedures outlined in OMB Circular A-134, "Financial Accounting Principles and Standards." c. Requirements contained in OMB's Form and Content Bulletin in effect for the period covered by the financial statements. d. Accounting principles published by other authoritative standard-setting bodies and other authoritative sources (a) in the absence of other guidance in the first three parts of this hierarchy, and (b) if the use of such accounting principles improves the meaningfulness of the financial statements. 6. SCOPE OF AUDIT. Financial statements shall be audited in accordance with Government Auditing Standards and the provisions of this Bulletin. a. With respect to the Principal Statements and Required Supplementary Stewardship Information, the auditor shall: (b) If the auditor
is unable to determine whether the Principal Statements are
fairly presented because, for example, of the auditor's inability
to obtain sufficient competent evidential matter due to inadequate
accounting records, the auditor shall, to the extent practicable,
obtain sufficient evidence about closing balances to enable
the auditor to opine on the subsequent year's financial statements.
(3) Determine whether stewardship investments (including non-Federal physical property (such as highways), human capital (expenditures for training and education), and research and development) are presented fairly in all material respects, in accordance with the requirements of SFFAS No. 8, and any subsequent revisions. (4) Determine whether risk-assumed information (including projections of pension, deposit, and other insurance programs required by SFFAS No. 5, "Accounting for Liabilities of the Federal Government") is presented fairly in all material respects, in accordance with the requirements of SFFAS No. 5, and any subsequent revisions. In assessing the reasonableness of risk-assumed information, the auditor shall consider the need to follow the guidance in Auditing (AU) Section 336, "Using the Work of a Specialist," of the Codification of Statements on Auditing Standards. (5) Consider social insurance information, when presented, other accompanying information. See AU Section 551, Codification of Statements on Auditing Standards.
(2) The auditor shall compare material weaknesses disclosed during the audit with those material weaknesses reported in the agency's FMFIA report that relate to the financial statements of the entity under audit and document material weaknesses disclosed by audit that were not reported in the agency's FMFIA report. The auditor should consider whether the failure to detect and report material weaknesses constitutes a reportable condition or material weakness in the entity's internal control. d. With respect to compliance with applicable laws and regulations, the auditor shall perform tests of compliance with laws and regulations that could have a direct and material effect on the Principal Statements and Required Supplementary Stewardship Information, and any other laws, regulations, and governmentwide policies identified by OMB in Appendix C of this Bulletin. e. With respect to compliance with governmentwide policies contained in OMB Circular A-127, using the guidance in Appendix D, the auditor shall perform tests of compliance with Federal financial management systems requirements(2), applicable Federal accounting standards, and the SGL at the transaction level. This provision only applies to audits of entities listed in Appendices A and B. Circular A-127 requires the agency to establish and maintain a single, integrated financial management system that complies with characteristics stated therein, that include maintaining accounting data to permit reporting in accordance with Federal accounting standards, application of the SGL at the transaction level, and incorporation of the functional requirements issued by the Joint Financial Management Improvement Program (JFMIP) in its series Federal Financial Management Systems Requirements (FFMSR). As of the date of this Bulletin, the issuances in this series are: -- Framework for
Federal Financial Management Systems, FFMSR-0, January 1995,
f. With respect to information accompanying the Principal Statements and Required Supplementary Stewardship Information, the auditor shall assess whether the information and manner of its presentation in the Overview of the Reporting Entity (or MD&A) and any other accompanying information is materially inconsistent with the information in the Principal Statements and Required Supplementary Stewardship Information. g. With respect to required supplementary information referred to in paragraph 2.a.(4) of this Bulletin, the auditor shall follow AU Sections 551 and 558, Codification of Statements on Auditing Standards. h. The auditor shall obtain written representation from management as part of an audit conducted in accordance with this Bulletin. See AU Section 333, "Management Representations," of the Codification of Statements on Auditing Standards. An illustrative management representation letter is provided in Appendix E. i. The auditor shall request entity management to send a letter of inquiry to those lawyers with whom management consulted concerning litigation, claims, and assessments. See AU Section 337, "Inquiry of a Client's Lawyer Concerning Litigation, Claims, and Assessments," of the Codification of Statements on Auditing Standards.
(2) The Inspector General shall submit to OMB (Deputy Controller, Office of Federal Financial Management), Department of the Treasury (Commissioner, Financial Management Service), and the General Accounting Office (Assistant Comptroller General, Accounting and Information Management Division) copies of the interim and updated legal responses described in paragraph 6.i.(1) by December 31 and March 10, respectively. (3) If the audit is completed prior to December 1, the legal response provided in connection with the audit may be used in place of the interim response described in paragraph 6.i.(1). In addition, an updated legal response to be effective no earlier than February 15 shall be provided. These legal responses shall be submitted in accordance with paragraph 6.i.(2). a. An audit report, or separate audit reports, on the Principal Statements and Required Supplementary Stewardship Information, internal control, and compliance shall be prepared at the completion of the audit. The audit report(s) shall be submitted to the agency head in sufficient time to enable the agency head to meet the due date for submitting the audited financial statement under GMRA, no later than March 1 following the end of the fiscal year for which the financial statements were prepared. The audit results shall be discussed with management as soon as practicable but, in any case, prior to issuance of the audit report. IGs are encouraged to work with CFOs to accelerate the preparation of financial statements, and to accelerate the completion of audits. b. The audit report(s) shall state that the audit was made in accordance with Government Auditing Standards and the provisions of this Bulletin. c. The audit report(s) shall include:
(b) When required supplementary information referred to in paragraph 2.a.(4) of this Bulletin is presented, the auditor shall follow AU Sections 551 and 558, Codification of Statements on Auditing Standards. (c) If the financial statements are not prepared in accordance with Federal accounting standards, the auditor shall report the departure(s) from those standards and, if practicable, the effects of the departure(s) on assets, liabilities, and net position; net costs; changes in net position; budgetary resources; reconciliation of net costs to budgetary obligations; and, if applicable, custodial activity either directly in the auditor's report on the Principal Statements and Required Supplementary Stewardship Information or by reference in the auditor's report to an explanatory note in the Notes to Principal Statements, or Required Supplementary Stewardship Information, if applicable, prepared by management. (d) If the auditor disclaims an opinion, the report shall describe why the auditor was unable to conduct the audit in accordance with Government Auditing Standards and this Bulletin. If material weaknesses and other reportable conditions prevented the conduct of the audit in accordance with Government Auditing Standards and this Bulletin, such conditions shall be included in the report on internal control described in paragraph 7.c. (2), along with recommendations for correcting the condition(s). (e) When there is
a change in accounting principles, for example, changes to comply
with SFFASs, the auditor's report on the Principal Statements
and Required Supplementary Stewardship Information shall include
an explanatory paragraph identifying the nature of the change
and referring the reader to the note to the Principal Statements,
or Required Supplementary Stewardship Information, where applicable,
that discusses the change in detail.
(b) State that, with respect to the internal control objective described in paragraph 2.g.(3) of this Bulletin, and relating to the performance measures included in the Overview of the Reporting Entity, the auditor obtained an understanding of the design of internal controls relating to the existence and completeness assertions and determined whether they have been placed in operation. (c) State whether or not the tests performed provided sufficient evidence to support an opinion on internal controls. (d) Describe reportable conditions and material weaknesses identified during the audit. (e) Identify those
material weaknesses disclosed by audit that were not reported
in the reporting entity's FMFIA report.
(b) With respect to laws and regulations tested for which the audit disclosed no reportable instances on noncompliance, the report shall state that the audit disclosed no reportable instances of noncompliance with these laws and regulations. A listing of these laws and regulations is not required. (c) For compliance
with governmentwide policy requirements contained in OMB Circular
A-127 and referred to in FFMIA, the auditor shall report whether
the reporting entity's financial management systems substantially
comply with Federal financial management systems requirements,
Federal accounting standards, and the SGL at the transaction
level. To meet this requirement, the auditor's report shall
state the auditor's reporting requirement and that the auditor
performed tests of compliance in accordance with the requirements
of this Bulletin (see Appendix D). The audit report shall reflect
instances in which the reporting entity's systems did not substantially
comply with the three Federal financial management systems requirements,
or state that the audit disclosed no instances in which the
reporting entity's systems did not substantially comply with
the three requirements. In addition, as required by FFMIA, where
tests disclosed that the reporting entity's systems did not
substantially comply with the three requirements, the auditor's
report on compliance shall:
(ii) Include all facts pertaining to the noncompliance, including the nature and extent of the noncompliance, the primary reason or cause of the noncompliance, and any relevant comments from reporting entity management or employees responsible for the noncompliance. (iii) Provide
recommended remedial actions and the time frames to implement
such actions. e. The reporting entity shall provide comments on the auditor's findings and recommendations included in the audit report, including corrective actions taken or planned and comments on the status of corrective actions taken on prior findings. To the extent practical, these comments shall be included in the audit reports on internal control or report on compliance. If corrective actions are not necessary, an explanatory statement shall be included in the applicable audit report. f. Copies of the audit report shall be distributed to the head of the executive department or agency and subsequently included in the CFO's annual report or the agency's Accountability Report. 8. MANAGEMENT LETTER. Conditions that are not required to be included in the audit report, but that the auditor considers necessary to communicate, should be separately communicated to management of the reporting entity in a management letter. If a management letter is issued, the auditor shall refer to that management letter in the auditor's report on internal control (see paragraph 5.28 of Government Auditing Standards). 9. AGREED-UPON PROCEDURES: RETIREMENT, HEALTH, AND LIFE INSURANCE WITHHOLDINGS/CONTRIBUTIONS AND SUPPLEMENTAL SEMIANNUAL HEADCOUNT REPORT SUBMITTED TO THE OFFICE OF PERSONNEL MANAGEMENT (OPM). The agreed-upon procedures listed in Appendix H shall be applied separately for each Agency Payroll Office (APO) that services 30,000 or more employees per year for the agencies listed in Appendix A during the course of conducting audits in accordance with this Bulletin. Additionally, the agreed-upon procedures shall be applied each year to at least one APO per CFOs Act agency (listed in Appendix A). The period subject to the agreed-upon procedures shall be for the 12 months ended September 30 of each year. Reports on the application of these procedures shall be addressed and submitted to the Inspector General of OPM. Report copies shall be provided to OPM's CFO and Associate Director for Retirement and Insurance. These reports shall be submitted no later than December 15 following the end of the fiscal year for which the financial statements are prepared. The provisions of this paragraph are subject to AU Section 622, "Engagements to Apply Agreed-Upon Procedures to Specified Elements, Accounts, or Items of a Financial Statement," Codification of Statements on Auditing Standards. 10. INSPECTOR GENERAL OVERSIGHT. a. IGs shall:
(2) Provide technical advice and liaison to agency officials and independent external auditors. (3) Obtain or make quality control reviews of audits made by independent external auditors and provide the results, when appropriate, to other interested organizations. (4) Monitor and report on management's progress in resolving audit findings related to audits made pursuant to this Bulletin, in accordance with the Inspector General Act of 1978, as amended, the provisions of OMB Circular A-50, "Audit Followup," and FFMIA. Appendix A: Executive Departments and Agencies Required to Prepare Financial Statements Appendix B: Components of Executive Departments and Agencies Required to Prepare Financial Statements Appendix C: General Laws Appendix D: The Federal Financial Management Improvement Act of 1996 -- OMB Implementation Guidance for CFOs and IGs Appendix E: Illustrative Management Representation Letter Appendix F: Illustrative Auditor's Report on Internal Control Appendix G: Illustrative Auditor's Report on Compliance with Laws and Regulations Appendix H: Agreed-Upon Procedures: Retirement, Health, and Life Insurance Withholdings/Contributions and Supplemental Semiannual Headcount Report Submitted to the Office of Personnel Management
EXECUTIVE DEPARTMENTS AND AGENCIES REQUIRED TO PREPARE FINANCIAL STATEMENTS Department of Agriculture
Food and Nutrition Service Forest Service Rural Development Mission Area Department of
Defense Department of
Health and Human Services Department of
Labor Department of
Transportation Department of
the Treasury Office of Personnel
Management
Anti-Deficiency Act (codified as amended in 31 U.S.C. 1341, 1342, 1351, 1517) Provisions Governing Claims of the United States Government as provided primarily in sections 3711-3720E of Title 31, United States Code (including provisions of the Debt Collection Improvement Act of 1996, Pub. L. No. 104-134, 110 Stat. 1321-358, which also is codified in various sections of 5 U.S.C., 18 U.S.C., 26 U.S.C., 28 U.S.C., 31 U.S.C., 42 U.S.C.) Federal Credit Reform Act of 1990, Pub. L. No. 101-508, 104 Stat. 1388-610 (codified in various sections of 2 U.S.C.) Pay and Allowance System for Civilian Employees as provided primarily in Chapters 51-59 of Title 5, United States Code Prompt Payment Act (codified as amended in 31 U.S.C. 3901-3907) THE FEDERAL FINANCIAL
MANAGEMENT IMPROVEMENT Introduction The Federal Financial Management Improvement Act of 1996 (FFMIA), 31 U.S.C. 3512, fundamentally does two things:
Substantive Statutory Requirement The 1997 Omnibus Consolidated Appropriations Act includes Title VIII, the Federal Financial Management Improvement Act of 1996. Section 803(a) of this Act states: "In General -- Each agency shall implement and maintain financial management systems that comply substantially with Federal financial management systems requirements, applicable Federal accounting standards, and the United States Government Standard General Ledger (SGL) at the transaction level." These three requirements -- Federal financial management system requirements, applicable Federal accounting standards, and the SGL -- are already well-established in Executive Branch policy documents. These documents, which are described in more detail below, include: OMB Circulars (A-127, "Financial Management Systems" and A-134, "Financial Accounting Principles and Standards"), Joint Financial Management Improvement Program (JFMIP) documents (such as the Core System Requirements), and Treasury Department policies. Section 803 (a) of FFMIA does not establish any new financial system requirements. Other sections of FFMIA establish new procedural requirements. However, these new requirements follow the basic principles established in Federal audit policies:
Relationship to Section 4 of FMFIA (the Integrity Act) There is a close, if not overlapping, relationship between FFMIA and the Federal Managers' Financial Integrity Act (FMFIA). Since the acronyms are similar, this guidance refers to FMFIA as the Integrity Act. The Integrity Act requires that the agency head, on an annual basis no later than December 31, provide an assurance statement with respect to agency management controls (Section 2) and agency compliance with financial management system requirements (Section 4). For the most part, in many agencies, the Integrity Act statement of assurance for Section 4 provides management's assertion of compliance with section 803(a) of FFMIA. Section 803, Implementation of FFMIA Section 803 (a), cited above, states: "In General -- Each agency shall implement and maintain financial management systems that comply substantially with Federal financial management systems requirements, applicable Federal accounting standards, and the United States Government Standard General Ledger (SGL) at the transaction level." This section of the guidance more fully describes (1) Federal financial management systems requirements; (2) applicable Federal accounting standards; and (3) the SGL at the transaction level. In each section, information is provided on substantial compliance and types of indicators to be used in assessing whether an agency is in substantial compliance. The criteria are broad and flexible; yet, they provide a practical basis for measuring achievement in complying with the FFMIA requirements. (1) Federal Financial Management Systems Requirements Circular A-127 prescribes policies and standards for agencies to follow in developing, operating, evaluating, and reporting on financial management systems. In addition, Circular A-127 also incorporates by reference: Circular A-123, "Management Accountability and Control;" Circular A-130, "Management of Federal Information Resources;" other operating policies and related requirements prescribed by OMB; and Federal Financial Management Systems Requirements issued by JFMIP. The financial management systems subject to the requirements of FFMIA are included in the inventory of financial management systems subject to the requirements of Section 4 of the Integrity Act. Compliance with the financial management systems requirements of FFMIA applies to all financial management systems essential to meeting financial statement preparation and budgetary reporting requirements. An agency of the Federal Government is considered to be in substantial compliance with financial management system requirements if:
An agency of the Federal Government will be considered in substantial compliance with Federal accounting standards if the agency prepares audited financial statements in accordance with the hierarchy of Federal accounting standards included in paragraph 5 of OMB Bulletin 98-08. Substantial compliance does not require all transactions to be in full compliance with Federal accounting standards at the point of original entry, but that financial information used in the preparation of financial statements, based on such transactions, is adequately supported by detailed financial records (automated or manual). Indicators:
Implementing the SGL at the transaction level requires that the Core Financial System General Ledger Management Function is in full compliance with the SGL chart of accounts descriptions and posting rules; transactions from feeder systems are summarized and fed into the Core Financial System's General Ledger following SGL requirements through an interface (automated or manual); detail supporting the interface transactions can be traced back to the source transactions in the feeder systems; and the feeder systems process transactions consistent with SGL account descriptions and posting. An agency of the Federal Government will be considered in substantial compliance with the SGL at the transaction level requirement if the agency's classification of financial events for its financial statements and required financial information provided to the Department of the Treasury and OMB is consistent with the account descriptions and posting rules as approved by the SGL Board and published by the Treasury Department's Financial Management Service in the Treasury Financial Manual. Indicators:
Based on the foregoing, the auditor shall use professional judgment in determining substantial compliance with the systems requirements of FFMIA. However, lack of substantial compliance with the requirements in any one or more of the three areas included in FFMIA -- Federal financial management system requirements, Federal accounting standards, and the SGL -- would result in lack of substantial compliance with FFMIA. Further, a lack of substantial compliance with any one or more of the indicators described herein would typically result in a lack of substantial compliance with one or more of the three areas described above and, thus, a lack of substantial compliance with the systems requirements of FFMIA. Judgment shall be used in determining a lack of substantial compliance with an indicator. For instance, if an auditor finds that a few budget execution reports were submitted late to OMB and contained minor inaccuracies, this may not result in a lack of substantial compliance with the indicator regarding standard budget execution information.
[Date of auditor's report] [Name and title of head
of audit organization] Dear [name of head of audit organization]: This letter is in connection with your audits of the [entity's] Principal Statements and Required Supplementary Stewardship Information (hereinafter referred to as "financial statements") (list Principal Statements and Required Supplementary Stewardship Information) as of [end of year(s) covered by principal statements and required supplementary stewardship information and for the year(s) then ended] for the purposes of (1) expressing an opinion as to whether the principal statements and required supplementary stewardship information are presented fairly, in all material respects, in conformity with Federal accounting standards, and (2) reporting whether the agency's financial management systems substantially comply with Federal financial management systems requirements, applicable Federal accounting standards, and the U.S. Government Standard General Ledger at the transaction level as of [the end of the period(s) covered by the financial statements]. We confirm, to the best of our knowledge and belief, the following representations made to you during your audits, that these representations are as of the date of your auditor's report, and pertain to the period [or periods] covered by the principal financial statements. [If comparative statements are presented the following sentence should be added: "These representations update the representations we provided in conjunction with your audit of the financial statements as of and for the year ended (state year)."] 1. We are responsible for the fair presentation of the financial statements in conformity with Federal accounting standards [or, where applicable, for the fair presentation of the financial statements in conformity with generally accepted accounting principles]. 2. The financial statements are fairly presented in conformity with Federal accounting standards [or, where applicable, generally accepted accounting principles]. 3. We have made available to you, all b. where applicable, minutes of meetings of the Board of Directors [or other similar bodies] or summaries of actions of recent meetings for which minutes have not been prepared, and c. communications from OMB concerning noncompliance with or deficiencies in financial reporting practices. 5. The [entity] has satisfactory title to all owned assets, including stewardship property, plant, and equipment; such assets have no liens or encumbrances, nor have any assets been pledged. 6. We have no plans or intentions that may materially affect the carrying value or classification of assets and liabilities. 7. Guarantees under which the agency is contingently liable have been properly reported or disclosed. 8. Related party transactions and related accounts receivable or payable, including assessments, loans, and guarantees have been properly recorded and disclosed. 9. All intra-governmental transactions and activities have been appropriately recorded, reported, and disclosed. 10. There are no: b. material liabilities or gain or loss contingencies that are required to be accrued or disclosed, that have not been accrued or disclosed, or c. unasserted claims or assessments that are probable of assertion and that must be disclosed, that have not been disclosed. 12. No material events or transactions have occurred subsequent to [the date of latest audited financial statements] that have not been properly recorded in the financial statements and required supplementary stewardship information or disclosed in the notes thereto. 13. There has been no material fraud (intentional misstatements or omissions of amounts or disclosures in financial statements and misappropriation of assets that could have a material affect on the financial statements) or any fraud involving management or employees who have significant roles in internal control. [Fraud meeting foregoing criteria should be described.] 14. We are responsible for establishing and maintaining internal control. 15. Pursuant to the Federal Managers Financial Integrity Act, we have assessed the effectiveness of [entity's] internal control in achieving the following objectives: b. Compliance with applicable laws and regulations - transactions are executed in accordance with: (i) laws governing the use of budget authority and other laws and regulations that could have a direct and material effect on the financial statements, and (ii) any other laws, regulations, and governmentwide policies identified by the Office of Management and Budget (OMB) in Appendix C of OMB Bulletin 98-08; and c. Reliability of performance reporting - transactions and other data that support reported performance measures are properly recorded, processed, and summarized to permit the preparation of performance information in accordance with criteria stated by management. If there are material weaknesses in internal control, the forgoing representation should be modified to read: "Those controls in place on September 30, XXXX, provided reasonable assurance that the foregoing objectives are met except for the effects of the material weaknesses discussed below or in the attachment," or a statement that "internal controls are not effective" or "do not meet the foregoing objectives." 17. We are responsible for implementing and maintaining financial management systems that comply substantially with Federal financial management systems requirements contained in OMB Circular A-127, "Financial Management Systems," applicable Federal accounting standards, and the United States Government Standard General Ledger (SGL) at the transaction level. 18. We have assessed the financial management systems to determine whether they comply substantially with these Federal financial management systems requirements. Our assessment was based on criteria established under OMB Circular A-127 and guidance issued by OMB and included in Appendix D of OMB Bulletin 98-08. 19. The financial management systems complied substantially with Federal financial management systems requirements, applicable Federal accounting standards, and the SGL at the transaction level as of the [date of financial statements]. [If the financial management systems did not substantially comply, the following paragraphs should be used instead: As of [date of financial statements], the entity's financial management systems do not comply substantially with the Federal financial management systems requirements. Identify herein or in an attachment all the facts pertaining to the noncompliance, including the nature and extent of the noncompliance and the primary reason or cause of the noncompliance. This representation does not change the representation in paragraph 2 of this letter.] 20. We are responsible for [entity's] compliance with applicable laws and regulations. 21. We have identified and disclosed to you all laws and regulations that have a direct and material effect on the determination of financial statement amounts. 22. We have disclosed to you all known instances of noncompliance with laws and regulations. [Signed by Agency Head]
ILLUSTRATIVE AUDITOR'S REPORT ON INTERNAL CONTROL We have audited the Principal Statements and Required Supplementary Stewardship Information (hereinafter referred to as "financial statements") of [Name of Federal Agency] as of and for the year ended September 30, XXXX, and have issued our report thereon dated _____________. We conducted our audit in accordance with generally accepted auditing standards; the standards applicable to financial audits contained in Government Auditing Standards, issued by the Comptroller General of the United States; and, Office of Management and Budget (OMB) Bulletin No. 98-08, "Audit Requirements for Federal Financial Statements." In planning and performing
our audit, we considered [Name of Federal Agency]'s internal
control over financial reporting by obtaining an understanding of
the agency's internal controls, determined whether these internal
controls had been placed in operation, assessed control risk, and
performed tests of controls in order to determine our auditing procedures
for the purpose of expressing our opinion on the financial statements
and not to provide assurance on the internal control over financial
reporting. Consequently, we do not provide an opinion on internal
controls.(9) If none of the reportable conditions is believed to be a material weakness, the report should state the following: "However, none of the reportable conditions is believed to be a material weakness." If no reportable conditions were noted during the audit, the report should state the following: "However, we noted no matters involving the internal control and its operation that we considered to be material weaknesses as defined above." In addition, with respect to internal controls related to performance measures reported in [refer to section of financial statement or accountability report], we obtained an understanding of the design of significant internal controls relating to the existence and completeness assertions, as required by OMB Bulletin 98-08. Our procedures were not designed to provide assurance on internal control over reported performance measures, and, accordingly, we do not provide an opinion on such controls. If conditions came to the auditor's attention that in his or her judgment represent significant deficiencies in the design or operation of internal control over performance measures, which could adversely affect the agency's ability to collect, process, record, and summarize performance information and report performance measures in accordance with management's criteria, the following sentence should be added to the foregoing paragraph. "However, we noted certain significant deficiencies in internal control over reported performance measures [discussed in the following paragraphs or accompanying schedule] that, in our judgment, could adversely affect the agency's ability to collect, process, record, and summarize performance information and report performance measures in accordance with management's criteria." This report is intended for the information of the management of [Name of Federal Agency], OMB and Congress. However, this report is a matter of public record and its distribution is not limited. [Signature] [Date]
[Addressee] We have audited the Principal Statements and Required Supplementary Stewardship Information (hereinafter referred to as "financial statements") of [Name of Federal Agency] as of and for the year ended September 30, XXXX, and have issued our report thereon dated ______________. We conducted our audit in accordance with: generally accepted auditing standards; the standards applicable to financial audits contained in Government Auditing Standards, issued by the Comptroller General of the United States; and, Office of Management and Budget (OMB) Bulletin No. 98-08, "Audit Requirements for Federal Financial Statements." The management of [Name of Federal Agency] is responsible for complying with laws and regulations applicable to the agency. As part of obtaining reasonable assurance about whether the agency's financial statements are free of material misstatement, we performed tests of its compliance with certain provisions of laws and regulations, noncompliance with which could have a direct and material effect on the determination of financial statement amounts and certain other laws and regulations specified in OMB Bulletin 98-08, including the requirements referred to in the Federal Financial Management Improvement Act (FFMIA) of 1996. The results of our tests of compliance with the laws and regulations described in the preceding paragraph exclusive of FFMIA(10) disclosed instances of noncompliance with the following laws and regulations that are required to be reported under Government Auditing Standards and OMB Bulletin 98-08, which are described below. Under FFMIA, we are required to report whether the agency's financial management systems substantially comply with the Federal financial management systems requirements, Federal accounting standards, and the United States Government Standard General Ledger at the transaction level. To meet this requirement, we performed tests of compliance using the implementation guidance for FFMIA included in Appendix D of OMB Bulletin 98-08. The results of our tests disclosed no instances in which the agency's financial management systems did not substantially comply with the three requirements discussed in the preceding paragraph. [If the results of tests disclosed that the agency's systems did not substantially comply with the foregoing requirements, the preceding sentence should be replaced with the following: 1. The entity or organization responsible for the financial management systems that were found not to comply with the requirements. 2. All facts pertaining to the noncompliance, including: (a) the nature and extent of the noncompliance, (b) the primary reason or cause of the noncompliance, and (c) any relevant comments from reporting entity management or employees responsible for the noncompliance. 3. Recommended remedial actions and the time frames to implement such actions.] Providing an opinion on compliance with certain provisions of laws and regulations was not an objective of our audit and, accordingly, we do not express such an opinion.(11) This report is intended for the information of the management of [Name of Federal Agency], OMB, and Congress. However, this report is a matter of public record, and its distribution is not limited. [Signature] [Date]
AGREED-UPON PROCEDURES: RETIREMENT, HEALTH, AND LIFE INSURANCE WITHHOLDINGS/CONTRIBUTIONS AND SUPPLEMENTAL SEMIANNUAL HEADCOUNT REPORT SUBMITTED TO THE OFFICE OF PERSONNEL MANAGEMENT Objective: To perform the procedures enumerated below to assist the Office of Personnel Management (OPM) in assessing the reasonableness of retirement, health, and life insurance withholdings/contributions and employee headcount data submitted by agencies. (Questions may be directed to OPM's Financial Policy Staff at (202) 606-0606.) Procedures: Gain an understanding of the Agency Payroll Office's (APO's) procedures for reconciling payroll registers to Form 2812, Report of Withholdings and Contributions for Health Benefits, Life Insurance and Retirement. Obtain the APO's most recent Supplemental Semiannual Headcount Report submitted to OPM and the summary of Form 2812 submissions and related payments to OPM for the current fiscal year. Randomly select two Form 2812s submitted for the current fiscal year, and also obtain the Form 2812 that coincides with the most recent Supplemental Semiannual Headcount Report. Obtain payroll registers or payroll data files for the periods covered by the Form 2812s selected. 1. Perform the following procedures: b. Trace employee withholding information shown on the payroll register or derived from files footed in step 1.a. for retirement, health, and life insurance benefits (as adjusted for reconciling items) to the related amounts shown on the Form 2812s for the corresponding period. c. Obtain support for differences between amounts shown on the payroll register or derived from files footed in step 1.a. and amounts shown on the Form 2812s selected. d. Trace reconciling items to supporting documentation and verify agreement. e. Foot each Form 2812 selected. 2. For the three pay periods selected, review the APO's reconciliation of the payroll data file to the general ledger accounts or, if such a reconciliation does not exist, perform the reconciliation. Report when the APO did not prepare the reconciliation. Also report any unsupported or unsubstantiated differences (i.e., gross rather than net) in the total payroll paid for the selected pay period and the amount recorded in the general ledger that exceeds 5% of total payroll. To the extent practical, management's comments on the auditor's findings shall be included in the report. 3. From the payroll registers corresponding to the three Form 2812s selected for testing in step 1, randomly select a total of twenty-five individuals from the payroll registers or files footed in step 1.a. that have retirement, health, and life insurance and at least one optional life coverage. For step 3.d. only, randomly select additional individuals as necessary so that ten individuals are selected for each life insurance option (i.e., Options A, B, and C). For each individual selected, perform the following procedures: b. For retirement withholdings (contributions), verify that retirement withholdings for participants in the Civil Service Retirement System (CSRS) and Federal Employees Retirement System (FERS) are the amounts required by law. c. For health insurance withholdings (contributions), verify that the withholdings agree with the contribution rate or amount for coverage selected as documented in the employees' personnel file. d. For life insurance withholdings (contributions), verify that the contributions agree with the contribution rate (amount) for the coverage selected as documented in the employees' personnel file (or at the contribution rate or amount for basic coverage if no other option was selected). 4. Randomly select a total of ten employees who do not have either health or life insurance withholdings from the payroll registers or related files footed in step 1.a. and verify from a review of personnel records that the employees elected to be excluded from health and/or life insurance coverage. Report any differences or exceptions that are unsupported or unsubstantiated, or represent an error. To the extent practical, management's comments on the auditor's findings shall be included in the report. 5. Recalculate the headcount reflected on the Supplemental Semiannual Headcount Report selected for testing above as follows: b. Calculate the headcount by: (1) counting the number of employees listed on a payroll register page (estimate the number per page by counting the employees listed on several pages), (2) counting the number of pages in the payroll register, and (3) multiplying the number of employees by the number of pages, or count (using a computer audit routine) the number of employees on the payroll data file for the period. c. Compare the calculated headcount from step 5.b. with the summary information queried in step 5.a. and information shown on headcount reports. d. Report any differences (i.e., gross rather than net) greater than 2% between the headcount reporting on the agency's Supplemental Semiannual Headcount Report and the calculated headcount from step 5.b. To the extent practical, management's comments on the auditor's findings shall be included in the report. ii. Compare the
calculated totals with related amounts shown on the Form 2812s.
Report any variances (i.e., gross rather than net) between the
calculated amounts and the amounts reported on the Form 2812s
greater than 5%. ii. Sum the totals
in step 6.b.i. and compare the result with the health insurance
withholding and contribution amounts shown on the Form 2812s.
Report any variances (i.e., gross rather than net) between the
calculated amounts and the amounts reported on the Form 2812s
greater than 5%. ii. Compare the result in step 6.c.i. to the withholdings for basic life coverage reported on the Form 2812. Report any difference (i.e., gross rather than net) between the estimate and the amount of withholdings reported on the Form 2812 greater than 5%. iii. For employer contributions: Divide the results of step 6.c.i. by one-half. This approximates employer contributions, which are one-half of employee withholdings. iv. Compare the
result in step 6.c.iii. to the amount reported on the Form 2812.
Report any differences (i.e., gross rather than net) between
the estimate and the amount reported on the Form 2812 greater
than 5%. (b) Contributions for Option B cannot be tested for reasonableness by these methods because of the number of variables involved in electing this option. To the Inspector General
We have performed the procedures described below (or in the attachment), which were agreed to by the Inspector General, Chief Financial Officer, and the Associate Director for Retirement and Insurance of the U.S. Office of Personnel Management (OPM), solely to assist with respect to the employee withholdings and employer contributions reported on the Report of Withholdings and Contributions for Health Benefits, Life Insurance, and Retirement for the payroll periods ended [state dates] and Supplemental Semiannual Headcount Report as of [state date]. This engagement to apply agreed-upon-procedures was performed in accordance with the standards established by the American Institute of Certified Public Accountants. The sufficiency of the procedures is solely the responsibility of the Inspector General, Chief Financial Officer, and the Associate Director for Retirement and Insurance of OPM. Consequently, we make no representation regarding the sufficiency of the procedures described below either for the purpose for which this report has been requested or for any other purpose. Insert the following unless the procedures and findings are in an attachment. The procedures and the associated findings are as follows: [Insert procedures and findings] We were not engaged to, and did not, perform an audit, the objective of which would be the expression of an opinion on the withholdings and contributions for health benefits, life insurance, and retirement, and employee headcount of the [name of agency]. Accordingly, we do not express such an opinion. Had we performed additional procedures, other matters might have come to our attention that would have been reported to you. This report is intended solely for the use of the Inspector General, Chief Financial Officer, and the Associate Director for Retirement and Insurance of OPM and should not be used by those who have not agreed to the procedures and taken responsibility for the sufficiency of the procedures for their purposes. [Signature] [Date] c: Chief Financial Officer
of OPM
Footnotes: 1. This list was included in OMB Bulletin 97-01. At the time of issuance of this Bulletin, OMB is considering modifying the list of statements that comprise the Principal Statements. Auditors shall refer to the most current version of OMB's Form and Content Bulletin to determine which statements shall be treated as Principal Statements for the fiscal year for which the financial statements were prepared. 2. Federal financial management systems requirements to be tested do not include those contained in the Framework for Federal Financial Management Systems and Travel System Requirements. These systems requirements do not affect an agency's ability to prepare financial statements in accordance with Federal accounting standards. 3. An illustrative auditor's report on internal control is provided in Appendix F. Use of this guidance is optional. 4. An illustrative auditor's report on compliance with laws and regulations is provided in Appendix G. Use of this guidance is optional. 5. The requirement for components to prepare financial statements may be satisfied by presenting the components separately in consolidating agencywide financial statements and conducting an audit, in accordance with this Bulletin, at the consolidating financial statement level. 6. In very limited circumstances, reportable conditions that significantly impair an entity's ability to meet Federal financial management systems requirements (such as reportable conditions related to computer security over financial information covered by OMB Circular A-130, Appendix 3) may represent conditions reportable under FFMIA. 7. In very limited circumstances, reportable conditions that significantly impair an entity's ability to meet Federal financial management systems requirements (such as reportable conditions related to computer security over financial information covered by OMB Circular A-130, Appendix 3) may represent conditions reportable under FFMIA. 8. This illustrative management representation letter must be customized to the situation of the audited entity. Representations number 1-14 relate to the opinion on the financial statements and the required supplementary stewardship information; numbers 14-19 relate to management's assertion about the effectiveness of internal control; numbers 20-22 relate to management's assertion about the financial management systems' substantial compliance with Federal financial management system requirements; and numbers 23-25 relate to compliance with laws and regulations. AU Section 333, "Management Representations," Codification of Statements on Auditing Standards, provides examples of additional representations that may be appropriate. 9. If the objective is to express an opinion on the agency's internal controls over financial reporting, the auditor should follow Statement on Standards for Attestation Engagements No. 2, "Reporting on an Entity's Internal Control Over Financial Reporting," issued by the American Institute of Certified Public Accountants. 10. FFMIA does not impose any compliance requirements; rather, it requires reporting on whether an agency's financial management systems substantially comply with the financial management systems requirements contained in governmentwide policies, e.g., OMB Circular A-127, "Financial Management Systems;" Statements of Federal Financial Accounting Standards; and the United States Government Standard General Ledger published by the Department of the Treasury. FFMIA imposes additional reporting requirements when tests disclose instances in which agency systems do not substantially comply with the foregoing requirements. 11. If the objective is to express an opinion on the agency's compliance with laws and regulations, the auditor should follow Statement on Standards for Attestation Engagements No. 3, "Compliance Attestation," issued by the American Institute of Certified Public Accountants. |