Megan Crane

Article Dean Dorton

In late July 2015, the Census Bureau (the Bureau) experienced an attack on the Federal Audit Clearinghouse (FAC). The FAC is used to collect single audit packages from state and local governments, non-profit organizations, and Indian tribes who expend Federal awards. The FAC was compromised through a configuration setting that allowed the attacker to gain access to the four files posted to the hacker’s site.

The FAC site does not store any confidential household or business data collected by the Bureau and Personally Identifiable Information was not compromised during the attack. According to the Bureau, that information remains safe, secure and on an internal network segmented apart from the external site and the affected database. Since this attack, the FAC has been offline and undergoing an IT investigation.

Due to this attack, as of August 17, 2015, the due date for data collection forms has been extended. Audit reports and forms with due dates from July 22, 2015 to September 30, 2015, are automatically extended to be due October 31, 2015.

For more information or to discuss the impact on your organization, please contact Megan Crane at mcrane@deandorton.com or 859.425.7643 or Simon Keemer at skeemer@deandorton.com or 502.566.1036.

View Simon Keemer’s Bio

Article Dean Dorton

Although Consumer Disclosure Information (CDI) requirements have been required since the enactment of the Higher Education Opportunity Act (HEAO) in 2008, the attention and focus on CDI has grown in recent years, especially from the Department of Education (DOE). The number of DOE initiated compliance reviews have significantly increased in recent years. In 2013 the DOE issued more fines – both in number and in total amount than in any other year since the Clery Act was passed.  In 2014 CDI landed on the Top 10 list of program review findings for the first time[1].

As part of our presentation on CDI to the Kentucky Association of Student Financial Aid Administrators, Dean Dorton contacted the Department of Education (DOE) and discussed CDI from their perspective. The following are the highlights of our conversation:

Program Findings:

The DOE has summarized the CDI into 11 activities, which are the areas that the DOE has the most program review findings.  The activities are shown below:

Activity 1: Institutional and Financial Assistance Information for Students
Activity 2: Drug & Alcohol Prevention
Activity 3: Consumer Information for Student Athletes
Activity 4: Student Right-to-Know Act
Activity 5: Clery/Campus Security Act
Activity 6: FERPA
Activity 7: Safeguarding Customer Information
Activity 8: Fire Safety Reports and Student Housing
Activity 9: Misrepresentation
Activity 10: Loan Disclosures
Activity 11: Gainful Employment Disclosures

On ifap.ed.gov, each of these activities above has a related checklist that details the required items for consumer disclosures.  These checklists are an excellent resource for determining if compliance requirements are being met.  According to the DOE, these are the basis of their program reviews.

Even though these 11 areas have the most program review findings, there is rarely a financial liability associated with these areas.  The exceptions are the Drug & Alcohol Prevention and Clery/Campus Security Act activities which have resulted in fines ranging from $35,000 to $100,000.

Drug & Alcohol Prevention (Activity 2):

The Drug & Alcohol Prevention requirements are covered under 34 CFR 86.  The main areas, according to the DOE, that schools struggle are not providing the proper materials to students, not providing an annual educational seminar or workshop, and improper review of the Drug & Alcohol Program.

Each school’s Drug & Alcohol Program is required to have a biennial review.  The review should have a team that represents a cross-section of the school community, an evaluation of results of program, recommendations for improvement, and be published on an annual basis.

Find the related checklist from ifap.ed.gov.

Clery/Campus Security (Activity 5):

This portion of CDI requires colleges and universities to disclose information about crime on and around their campuses. Due to this area being such an important area for the DOE, if a college or university undergoes a program review and there are findings related to this act, a separate review will be conducted by a specialized team in Washington D.C.

The Clery Act requires the following:

  • Published Annual Security Report
  • Disclosure of crime statistics for campus and surrounding areas
  • Compilation and reporting of fire data and annual fire safety report
  • Public Crime Log
  • Emergency response, notification, and testing policy
  • Policies and procedures for missing students

Read the related checklist from ifap.ed.gov.For more information on CDI, please visit the following:

For more information or to discuss the impact on your organization, please contact Megan Crane at mcrane@deandorton.com or 859.425.7643 or Crissy Fiscus at cfiscus@deandorton.com or 859.425.7631.

View Crissy Fiscus’ Bio

[1] Source: 2014 FSA Training Conference for Financial Aid Professionals, “Program Review Essentials and Top 10 Compliance Findngs” presented by Effie Barnett and Cassandra Weems, U.S. Department of Education.

Article Dean Dorton

The U.S. Office of Management and Budget (OMB) issued Uniform Administrative Requirements, Cost Principals and Audit Requirements for Federal Awards in December 2013. In December 2014, the Joint Interim Final Rule was issued for implementation of this new guidance. The guidance, also known as the Uniform Guidance or Super Circular, is intended to streamline the former eight circulars and eliminate duplicative and conflicting guidance. It also implements policies that increase efficiency and effectiveness of federal programs, focuses on areas that achieve better outcomes at lower costs, and helps to eliminate fraud, waste, and abuse for the approximately $600 billion per year awarded in Federal financial assistance.

The most prominent changes associated with the Super Circular fall into the categories below:

Administrative Requirements
The new Super Circular requires federal agencies and pass-through entities to evaluate the risk associated with a recipient before making awards.  In certain conditions, the federal awarding agency may need to review the merit and risks associated with the potential awards and enact conditions on nonfederal entities when necessary.

Cost Principles
Under the new guidance, allowable costs are more limited.  The new guidance contains the “best of” the cost language from each of the OMB Circulars A-87, A-122, and A-21. There is clarification for allowable direct costs and implements a new de minimis indirect cost rate of 10 percent of modified total direct costs.

Audit Requirements
The revisions focus on a risk-based approach to auditing federal awards and provides for great transparency of audit results.  The new audit threshold is increasing from $500,000 to $750,000 of expenditures and will still cover 99.7% of the dollars currently subject to single audit rules, but will reduce the audit burden for approximately 5,000 entities.

In addition to the increase of the audit threshold, the threshold for reporting questioned costs increased from $10,000 to $25,000.

We have provided more information on the changes associated with the Uniform Grant Guidance and the related timelines for implementation here.

More information regarding federal requirements can be found in the Federal Register.

For more information or to discuss the impact on your organization, please contact Megan Crane at mcrane@deandorton.com or 859.425.7643 or Crissy Fiscus at cfiscus@deandorton.com or 859.425.7631.

View Crissy Fiscus’ Bio