INTERNAL AUDIT REPORT ON THE FINANCIAL MANAGEMENT CONTROL FRAMEWORK FOR INITIATIVES RELATED TO CANADA S ECONOMIC ACTION PLAN (EAP) REPORT.

Transcription

1 INTERNAL AUDIT REPORT ON THE FINANCIAL MANAGEMENT CONTROL FRAMEWORK FOR INITIATIVES RELATED TO CANADA S ECONOMIC ACTION PLAN (EAP) REPORT July 2010 PREPARED BY THE INTERNAL AUDIT BRANCH (IAB) Project No: CANADA ECONOMIC DEVELOPMENT

2 TABLE OF CONTENTS 1. EXECUTIVE SUMMARY BACKGROUND AUDIT OBJECTIVE SCOPE OF THE AUDIT METHODOLOGY STATEMENT OF ASSURANCE AUDIT OPINION BEST PRACTICES IDENTIFIED SUMMARY OF RECOMMENDATIONS INTRODUCTION BACKGROUND AUDIT OBJECTIVE AND CRITERIA SCOPE OF THE AUDIT METHODOLOGY ACKNOWLEDGEMENTS AUDIT RESULTS MANAGEMENT OF RISKS IDENTIFIED UNDER THE CAF AND THE RINC PROGRAM ACCOUNT AUDITING ACTIVITIES UNDER THE CAF AND THE RINC PROGRAM OTHER KEY FINANCIAL MANAGEMENT CONTROLS CONCLUSION ACTION PLAN Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

3 1. EXECUTIVE SUMMARY 1.1 Background The Government of Canada established Canada s Economic Action Plan (EAP) as a response to the economic problems arising from the financial crisis. The primary objective of the Economic Action Plan is to protect and create jobs during the global economic downturn. The Economic Development Agency of Canada for the Regions of Quebec (CED or the Agency) was designated to deliver a number of initiatives under the EAP, the main two being the Community Adjustment Fund (CAF) and the Recreational Infrastructure Canada (RInC) Program. The CAF is delivered under the Agency s regular programs, Community Diversification and Business and Regional Growth. It should be noted that the CAF also includes a component with Quebec, related to forestry. The two components of the CAF for Quebec total $209.8M over two years. The second initiative, the RInC Program, has Canada-wide funding of $500M. It is intended to increase activities related to the construction of recreational facilities and create jobs. Of the $500M announced in January 2009, $80M was allocated to Quebec. The Government of Quebec is the main manager for delivery of the RInC Program. The short duration of the initiatives (two years) and the substantial increase in the funding earmarked for grants and contributions increase the risks associated with delivery of the programs. This audit was therefore included in the Three-Year Risk-Based Audit Plan. From this standpoint, we wanted to provide assurance that CED is discharging its responsibilities for financial management in implementing the CAF and the RInC Program. In addition, implementation of the CAF and the RInC Program were among the Agency s priorities for the fiscal year. 1.2 Audit objective This audit is intended to provide assurance that the financial management control framework for the CAF and the RInC Program allows for effective departmental finance sector activities and compliance with the legislation and policies in effect. 1.3 Scope of the audit The audit covers the Agency s financial management control framework for delivery of programs under the EAP and includes the financial and budgetary controls related to the following aspects: risk management; monitoring activities under section 33 of the Financial Administration Act; the systems and procedures required to keep records and monitor commitments; segregation of duties so as to limit the risk of financial loss. The on-site audit took place from October 2009 to January 2010 and dealt with the period from April 1, 2009 to January 18, It is important to note that our audit was intended to target the financial controls used for delivery of the CAF and the RInC Program, exclusive of the obligations stemming from the Policy on Financial Management Governance, particularly in terms of the development, communication and maintenance of a financial management control framework for the department. This subject will be dealt with in the audit of the financial management control framework for regular Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 3 -

4 programs, included in the Risk-Based Internal Audit Plan. These initiatives have been in effect only since April 1, 2009, so some steps in the program life cycle have not yet been completed, including agreement monitoring, the repayment of the financial assistance by the proponent and recovery. We were therefore limited to validating the presence of existing documented procedures preliminary to their eventual use in the context of the CAF and the RInC Program. 1.4 Methodology The approach taken consisted of the following activities: 1. Risk-based planning; 2. Development of audit programs and criteria; 3. Interviews with representatives of CED s Finance and Operations sectors; 4. Review of relevant Treasury Board (TB) and Agency documents, such as policies and procedures; 5. Review of internal reports related to the results of applying financial controls and the comparison of audit criteria; 6. Validation of findings with stakeholders concerned; 7. Preparation of the report: 8. Presentation of the report to the Departmental Management Committee; and 9. Receipt of action plan from senior management. 1.5 Statement of assurance We have completed the audit of the financial management control framework for Agency initiatives under Canada s Economic Action Plan. The audit was conducted in accordance with the Treasury Board (TB) Policy on Internal Audit and planned in accordance with the Internal Audit Standards of the Institute of Internal Auditors (IIA). These standards require that the audit be planned and carried out so as to provide a high level of certainty that the Agency uses acceptable controls for the financial management of the CAF and the RInC Program, including practices related to risk management, monitoring of application of section 33 of the FAA, the systems and procedures required to keep records, control commitments and expenditures and the segregation of duties. The audit took place from October 2009 to January 2010 and covered the period from April 1, 2009 to January 18, It included meeting resource persons and a component for the review of practices implemented by CED under the CAF and the RInC Program to ensure the monitoring of its key financial activities, mentioned above. The audit criteria have been written using relevant sections of the FAA, the Policy on Transfer Payments, the federal government policies and directives defining the risk management framework, the Agency Internal Audit Plan Based on Risks, and numerous other documents. In my capacity as Chief Audit Executive, I consider that the audit procedures followed and the evidence gathered are appropriate and sufficient to support the accuracy of the conclusions in this report. The conclusions are based on an examination of the situations identified in light of the established criteria. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 4 -

5 1.6 Audit opinion In my opinion, the practices observed require improvement to allow the Agency to reduce the risks identified with regard to the activities reviewed to an acceptable level. Some strong points were noted during the audit, including development of a risk monitoring tool for projects under the CAF Program and the use of a resource allocation model which takes the special features of the program into account. However, the audit indicated that the financial management control framework could be improved, particularly in terms of the use of active monitoring as a key control tool, especially for contribution payments, as well as the payment of advances, which compromises the effectiveness of DFB activities. Previous work by the IAB has demonstrated the use of satisfactory contribution agreement monitoring measures with regard to funding and results (section 34 of the FAA) by the Operations sector. However, there is room for improvement in terms of controls related to the application of section 33 by the DFB with regard to contribution expenditures under the CAF and the RInC Program so as to ensure appropriate financial control. 1.7 Best practices identified The strengths noted during this audit with regard to the financial management control framework included: Development of a tool for monitoring risk and specific conditions for the EAP; Definition by the Agency of mitigation measures to manage identified risks for the CAF and the RInC Program; Development and documentation by the DFB of an appropriate procedure for auditing accounts for operating expenditures; and Development of a resource allocation model which takes into account the specific features of the CAF and the RInC Program. 1.8 Summary of recommendations Despite the best practices identified, improvements are still considered necessary with regard to some aspects of the financial management control framework for initiatives under the EAP. My recommendations are as follows: Improve the way the active monitoring function is organized to allow for effective financial control with regard to transfer payments; Document the process for identifying risks related to CAF and RInC Program projects using the risk monitoring tool that has been developed; and Strengthen the DFB s monitoring role with regard to the management of advances. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 5 -

6 Chief Audit Executive Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 6 -

7 2. INTRODUCTION 2.1 Background The Government of Canada established Canada s Economic Action Plan (EAP) as a response to the economic problems arising from the financial crisis. The primary objective of the Economic Action Plan is to protect and create jobs during the global economic downturn. The Economic Development Agency of Canada for the Regions of Quebec (CED or the Agency) was designated to deliver a number of initiatives under the EAP, the main two being the Community Adjustment Fund (CAF) and the Recreational Infrastructure Canada (RInC) Program. The CAF is delivered mainly under the Agency s regular programs, Community Diversification and Business and Regional Growth. It should be noted that the CAF also includes a component with Quebec, related to forestry. The two components of the CAF for Quebec total $209.8M over two years. The second initiative, the RInC Program, has Canada-wide funding of $500M. It is intended to increase activities to build recreational facilities and create jobs. Of the $500M announced in January 2009, $80M was allocated to Quebec. The Government of Quebec is the main manager for delivery of the RInC Program. The short duration of the initiatives (two years), as well as the substantial increase in the funding earmarked for grants and contributions, increase the risks associated with delivery of the programs. This audit was therefore included in the Three-Year Risk-Based Audit Plan. From this standpoint, we wanted to provide assurance that CED is discharging its responsibilities for financial management in implementing the CAF and the RInC Program. In addition, implementation of the CAF and the RInC Program were among the Agency s priorities for the fiscal year. 2.2 Audit objective and criteria The objective and criteria set out below represent the expectations of Agency management and take into account the relevant risk identified in the three-year internal audit plan and in documents related to the CAF and the RInC Program, that is: The ability to implement the CAF and the RInC Program within the time available; and The additional responsibilities in terms of monitoring and reporting related to the special features of the CAF and the RInC Program. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 7 -

8 Objective To provide assurance that the financial management control framework for the CAF and the RInC Program allows for effective departmental finance sector activities and compliance with the legislation and policies in effect. 1. Management of risks identified under the CAF and the RInC Program The Agency has taken the appropriate mitigation measures, based on the corporate financial control risks of the CAF and the RInC Program. 2. Agency monitoring activities related to application of section 33 of the FAA Criteria Under the CAF and the RInC Program, the Agency has established effective financial controls to monitor EAP contribution activities and ensure their compliance with the policies and rules in effect. The Agency ensures that sound procedures for the auditing of accounts are in place, in accordance with the Financial Administration Act (section 33 of the FAA), to ensure the monitoring of CAF and RInC Program disbursements. 3. Other key financial management controls The Agency has developed and implemented the systems and procedures required to keep records and monitor its commitments and disbursements. The segregation of duties is used to limit the risk of financial loss. 2.3 Scope of the audit The audit covers the Agency s financial management control framework for delivery of programs under the EAP and includes the financial and budgetary controls related to the following aspects: risk management; monitoring activities under section 33 of the Financial Administration Act; the systems and procedures required to keep records and monitor commitments; segregation of duties so as to limit the risk of financial loss. The on-site audit took place from October 2009 to January 2010 and dealt with the period from April 1, 2009 to January 18, Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 8 -

9 It is important to note that our audit was intended to target the financial controls used for delivery of the CAF and the RInC Program, exclusive of the obligations stemming from the Policy on Financial Management Governance, particularly in terms of the development, communication and maintenance of a financial management control framework for the department. This subject will be dealt with in the audit of the financial management control framework for regular programs, provided for in the Risk-Based Internal Audit Plan. These initiatives have been in effect only since April 1, 2009, so some steps in the program life cycle have not yet been completed, including agreement monitoring, the repayment of the financial assistance by the proponent and recovery. We were therefore limited to validating the presence of existing documented procedures preliminary to their eventual use in the context of the CAF or the RInC Program. 2.4 Methodology The approach taken consisted of the following activities: 1. Risk-based planning; 2. Development of audit programs and criteria; 3. Interviews with representatives of CED s Finance and Operations sectors; 4. Review of relevant Treasury Board (TB) and Agency documents, such as policies and procedures; 5. Review of internal reports related to the results of applying financial controls and the comparison of audit criteria; 6. Validation of findings with stakeholders concerned; 7. Preparation of the report: 8. Presentation of the report to the Departmental Management Committee; and 9. Receipt of action plan from senior management. 2.5 Acknowledgements We would like to thank the Agency s representatives for their outstanding co-operation and the interest they displayed throughout the audit process. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan - 9 -

10 3. AUDIT RESULTS The Agency is responsible for implementing effective measures to mitigate the risks related to delivery of the CAF and the RInC Program. We therefore expected that the DFB would have implemented effective controls to mitigate the corporate financial risks of the Agency s implementation of the EAP. The results of our audit work are presented on the basis of the criteria used to conduct our analysis. Opinion In my opinion, the practices observed require improvement to allow the Agency to reduce the risks identified with regard to the activities reviewed to an acceptable level. Some strong points were noted during the audit, including development of a risk monitoring tool for projects under the CAF Program and the use of a resource allocation model which takes the special features of the program into account. However, the audit indicated that the financial management control framework could be improved, particularly in terms of the use of active monitoring as a key control tool, especially for contribution payments, as well as the payment of advances, which compromises the effectiveness of DFB activities. Previous work by the IAB has demonstrated the use of satisfactory contribution agreement monitoring measures with regard to funding and results (section 34 of the FAA) by the Operations sector. However, there is room for improvement in terms of controls related to the application of section 33 by the DFB with regard to contribution expenditures under the CAF and the RInC Program so as to ensure appropriate financial control. Best practices identified The strengths noted during this audit with regard to the financial management control framework included: Development of a tool for monitoring risk and specific conditions for the EAP; Definition by the Agency of mitigation measures to manage identified risks for the CAF and the RInC Program; Development and documentation by the DFB of an appropriate procedure for auditing accounts for operating expenditures; and Development of a resource allocation model which takes into account the specific features of the CAF and the RInC Program. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

11 Audit findings and recommendation 3.1 Management of risks identified under the CAF and the RInC Program The Departmental Finance Branch (DFB) played an active role in the risk analysis carried out by the Agency during the preparation of submissions for the CAF and the RInC Program. Each sector was able to help identify risks and undertake mitigation measures for the implementation of initiatives. The Agency identified the following risks of particular concern to the DFB: The ability to implement the CAF and the RInC Program within the time available; and The additional responsibilities in terms of monitoring and reporting related to the special features of the CAF and the RInC Program. To mitigate these risks, the DFB decided to pay special attention to the CAF and the RInC Program during active monitoring activities. Two new resources were assigned to the active monitoring team. Finding 1 This decision appears to us to be a relevant step in the mitigation of risk. Following up on this decision, the DFB developed a risk-based monitoring tool, tailored to the specific features of EAP initiatives, as well as a work plan for putting the tool into action. However, the DFB did not sufficiently document some of the steps in the risk identification process on which the monitoring tool is based, particularly: Defining and assessing sectors at risk; Measuring the probability and impact of risks; Determining desired results and defining the level of tolerance for risk; Classifying risks in order of priority; Developing and selecting mitigation strategies; and Monitoring frequency for the risk identification exercise. The lack of documentation prevents us from ruling on the completeness and degree of relevance of the risks considered. Effect/Risk The lack of documentation supporting the risk identification process increases the possibility that relevant risks have been omitted. Recommendation 1 (Low risk) To ensure that all risks related to CAF and RInC projects are taken into account, the DFB should document its risk identification process and Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

12 carry out regular monitoring. 3.2 Account auditing activities under the CAF and the RInC Program We focussed on the audit processes for the CAF and RInC Program accounts in order to make sure that they complied with the Financial Administration Act (FAA, section 33). A financial officer in the DFB administers section 33. Approval of claims for payment are managed using the Hermès Finance system. Applications resulting from administration of section 34 by a delegated individual are entered by the financial officer, who carries out a summary audit of the applications in terms of financial coding and the completeness of the data transferred to the system. There is thus a segregation of duties in terms of the administration of section 33 and 34 of the FAA. Finding 2 For the contributions component, which accounted for about $280M for the period from April 2009 to March 2011, the financial officer responsible for the administration of section 33 makes the payment as soon as the payment claim is received on the viewing database. At the Agency, the certification mentioned in section 33 of the FAA is entire carried out through active monitoring activities. The Agency decided from the outset to use its active monitoring activities to carry out the due diligence required to enable it to manage the risks related to payment approval under section 33. However, at the time of our audit, this exercise was not being carried out. Another approach is used for the certification of operating expenditures, which totalled about $8.6M for the period from 2009 to A financial officer audits the prepayment of certain components of transactions corresponding to some risk criteria and also conducts a preliminary review of a limited number of files, selected on the basis of the officer s judgment, guided by the nature and amounts involved, to validate the payments made. Monitoring of contributions Sufficient assurance, which underlies the application of section 33 of the FAA for contributions, is based on the work of the active monitoring group. In addition, TB s Policy on Active Monitoring, which supports the work of the DFB s monitoring team, requires the definition of an effective system for active monitoring of the status of management practices and controls. This work includes timely assessments and preventive or corrective measures in areas where deficiencies and discrepancies in control have been found. The DFB has developed a good tool for monitoring CAF files on the basis of pre-established risk criteria documented under the CAF initiative. The tool monitors advances paid, the level of progress on projects and the existence of expenditures related to the end of the fiscal year. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

13 3.2 Account auditing activities under the CAF and the RInC Program The application of section 33 must be based on reasonable assurance that section 34 was correctly applied in the context of the EAP. In this context, we found the following discrepancies with regard to active monitoring practices: Despite the identification of areas of risk which appear relevant, there was no method for selecting files for the sample to be reviewed for the purpose of active monitoring in order to rule on the application of section 34 by the business offices; No monitoring (CAF or RInC) was noted at the time of our audit. However, we did see that a calendar had been developed for the production of the active monitoring report; and The RInC Program is not included in the monitoring approach adopted. Although no disbursement had been made at the time of the audit, the monitoring plan does not cover this program. Definition of roles and responsibilities Active monitoring is an essential control activity for the CAF and the RInC Program, since it is the only activity which supports the application of section 33 by the DFB with regard to contributions paid. In order to ensure that the control provided by active monitoring is effective, a clear and complete definition of roles and responsibilities (protocol) should be documented, communicated and implemented. The definition of roles and responsibilities supports the establishment and use of controls. Once the control strategy is approved, its application must be ensured by the individuals responsible for its implementation. In addition, to ensure the effectiveness of the control strategy when weaknesses are detected, it is imperative that corrective measures be established by those in charge, to the satisfaction of the DFB. It is therefore important that this activity is well underpinned by an appropriate definition of roles and responsibilities, approved by senior management. With regard to the delivery of EAP programs, we found only one document containing a summary description of control activities under the CAF. This document does not clearly and completely cover the mandate and responsibilities in terms of active monitoring activities. In particular, we found that this document did not cover the follow aspects: Confirmation and communication of the mandate to all sectors concerned; Communication of the results of monitoring work to the various levels of responsibility; Monitoring of results obtained and correction of situations identified. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

14 3.2 Account auditing activities under the CAF and the RInC Program Monitoring of operating expenditures By operating expenditures, we mean all types of expenditure which are not contributions. The DFB has a written strategy supporting the work of the financial officer responsible for application of the account certification process under section 33 of the FAA. The financial officer reviews five or six operating expenditures a week at the outset, selected on the basis of the officer s judgment, guided by the nature and amounts involved. In addition, the DFB defines payments involving risk which require audit prior to payment. Given the Agency s limited resources, we feel that the strategy adopted with regard to the payment of operating expenditures is acceptable. We cannot rule on the process for the identification of risks or the effectiveness of the process related to the number of transactions selected, since there is not enough documentation in this regard. Effect/Risk Opportunities for improvement in terms of the architecture of financial monitoring activities increase the risk of incomplete assurance in support of section 33. In order to obtain the assurance required for the certification of expenditures under section 33 of the FAA, the DFB should: Contribution expenditures Recommendation 2 (High risk) Complete, approve and communicate the mandate of the active monitoring group, including the plan for communicating results to the sectors concerned and the monitoring to be carried out on these results. Define and implement a method for selecting files for the sample to be reviewed for active monitoring, so as to rule on the application of section 34 by the business offices; Start applying the planned monitoring measures immediately; Include RInC files in the monitoring method adopted; and Operating expenditures Document the process used to identify transactions at risk. 3.3 Other key financial management controls Finding 3 Control of budgets and commitments (section 32 of the FAA) Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

15 3.3 Other key financial management controls At the Agency, the Operations sector is responsible for the budgetary monitoring of transfer payments. The DFB is responsible for recording budget allocations in the Agency s books. Managers of the administrative units are individually accountable for monitoring their operating budgets. Operating budget A budget of $8.6M was requested and approved for the salary envelope and operating expenditures related to the CAF and the RInC Program for CED as a whole. For the CAF, the operating budget for the business offices was allocated based on the pro rata variance in contribution budgets resulting from the CAF. With regard to the RInC Program, the Agency developed estimates of the time spent on this program. Operating expenditures are monitored in the business offices. CAF contribution budget A model for the allocation of funds was developed, taking into account the specific criteria of the program, the target population and the economic potential of the regions. The Operations sector has developed budget monitoring tools to ensure control of the monies committed, including budget monitoring reports. A virtual reserve has been created to redistribute funds among the business offices on the basis of deserving projects, which allows funding allocations to be readjusted to meet program objectives. We found that there was enough flexibility in the allocation of funds to ensure funding based on project availability. RInC contribution budget Since the Government of Quebec is the main manager for the program and projects, CED s role in delivery of the program is more limited. However, the Infrastructure Directorate has developed monitoring tools which are adequate to ensure control in terms of commitments, analysis and approval of RInC projects. The Infrastructure Directorate, which is responsible for the RInC Program, produces weekly monitoring reports to ensure control of the budgets allocated. The monitoring reports cover the following subjects: Projects submitted; Projects at the analysis stage; Projects approved; Projects undertaken; and Status of the RInC Program. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

16 3.3 Other key financial management controls Hermès system Contribution programs are managed through the Hermès system. Budget controls have been included in the system and monies committed and assistance approved for each project are recorded in Hermès. The system prevents the validation of expenditures beyond the authorized threshold. We are satisfied with the existing procedures to control commitments. Management of advances In its submission to Treasury Board for funding of the CAF, CED undertook to apply certain controls to support advance payments. These controls were to ensure that advance payments were only made in cases of need, justified by the recipient s cash flow requirements. Finding 4 The responsibility for justifying and documenting advances rests entirely with the business offices. In order to ensure that advances issued by the Agency under the CAF and the RInC Program are supported by an adequate analysis of cash flow needs, the DFB should be more formally involved in this process. Our audit indicated that the financial management control framework does not provide for validation of needs in support of advances made by the DFB. We noted that the issuance of advances was identified as a risk criterion for guidance in the selection of files to be reviewed during active monitoring following payment. Effect/Risk The lack of validation by the DFB in issuing advances increases the risk that these payments are not justified. This could potentially result in the inadequate application of section 33 with regard to advances. Recommendation 3 (Low risk) Given the terms of the CAF and RInC submissions, the DFB should strengthen its role in monitoring the management of advances by implementing a validation strategy for their issuance. 4. CONCLUSION Some strong points were noted during the audit, including development of a risk monitoring tool for projects under the CAF Program and the use of a resource allocation model which takes the special Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

17 features of the program into account. However, the audit indicated that the financial management control framework could be improved, particularly in terms of the use of active monitoring as a key control tool, especially for contribution payments, as well as the payment of advances, which compromises the effectiveness of DFB activities. Previous work by the IAB has demonstrated the use of satisfactory contribution agreement monitoring measures with regard to funding and results (section 34 of the FAA) by the Operations sector. However, there is room for improvement in terms of controls related to the application of section 33 by the DFB with regard to contribution expenditures under the CAF and the RInC Program so as to ensure appropriate financial control. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

18 ACTION PLAN Recommendations Management comments Anticipated date of completion Units responsible Recommendation 1 (Low risk) To ensure that all risks related to CAF and RInC projects are taken into account, the DFB should document its risk identification process and carry out regular monitoring. We will bring all existing information together in a single location so as to document our risk identification process more formally, and we will make sure that we monitor risks regularly so as to adjust our monitoring measures, if necessary. The active monitoring team will be involved in the process and will be kept informed of the results. August 31, 2010 Active Monitoring and Internal Controls Directorate Recommendation 2 (High risk) In order to obtain the assurance required for the certification of expenditures under section 33 of the FAA, the DFB should: Contribution expenditures Complete, approve and communicate the mandate of the active monitoring group, including the plan for communicating results to the sectors concerned and the monitoring to be carried out on The mandate of the active monitoring group and the sampling plan were discussed with the directors general of the Operations sector and the Director, Planning, in January We will also be presenting the mandate, including the communications plan and monitoring measures, to the members of the DMC, together with our sampling plan. The current risk-based method of selecting files to support the August 31, 2010 Active Monitoring and Internal Controls Directorate and the Accounting Operations Directorate Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

19 Recommendations Management comments Anticipated date of completion Units responsible these results. Define and implement a method for selecting files that supports the sample to be reviewed for active monitoring, so as to decide on the application of section 34 by the business offices; Start applying the planned monitoring measures immediately; Include RInC files in the monitoring method adopted; and Operating expenditures sample to be reviewed was very recently documented to provide guidance for new members of the active monitoring team. The documentation will be given to the internal audit team. Thirteen files were audited in depth and we expect to audit 15 to 20 files a month, which we consider adequate in terms of our resources, the approach preferred and the number of projects funded under the EAP. Document the process used to identify transactions at risk. The projects approved under the RInC Program are included in the sampling plan. Recommendation 3 (Low risk) Given the terms of the CAF and RInC submissions, the DFB should strengthen its role in monitoring the A draft of the sampling process will be submitted to the Chief Executive for approval. Since we have been using our monitoring measures, we feel that our role is adequate. The time frame for the recovery of advances is a risk factor: files for which advances are not s/o Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan

20 Recommendations Management comments Anticipated date of completion Units responsible management of advances by implementing a validation strategy for their issuance. recovered within 60 days are systematically audited. In addition, during our in-depth audit of files, we are making sure that the management of advances complies with the operational directives issued by Operations, which reflect the terms and conditions of approved programs, TBS requirements and the requirements for submissions to TB. Internal Audit Report on the Financial Management Control of Initiatives Related to Canada s Economic Action Plan