Internal Control Issues Concerning Grant Awards

Whether a grant award is the institution’s first or its fiftieth, it is crucial for the institution to establish a structure for successful administration of the grant program.  This article will address the concept of internal controls as a critical element in establishing a grant award infrastructure. 

Internal controls define responsibilities, specify required activity reports and mitigate risks.  The use of internal controls provides reasonable assurance that operational objectives may be achieved.  These controls should include the following:

•Management Responsibility

o Grant application timing, composition, comprehensive budget, and program structure, including statement of work, committed effort, and compliance;

o Budget development and spending plans, mandatory cost share, required budget amendments, and financial reporting to responsible parties, including funding agency; and,

o Sub-awards and sub-recipient monitoring, if applicable.

•Report Requirements

o Progress of programmatic results  as defined in the original statement of work and budget request;

o Programmatic personnel changes including Principal Investigator (PI),   delays, and changes necessary to reach completion;

o Time and effort; required monitoring of proprietary, confidential or classified data, site visits, asset purchases and tracking, compliance with Federal or granting agency regulations, and close out.

•Risk Assessment

o Inefficient or ineffective members of the grant management or research team;

o Inaccurate time and effort reporting or supporting documentation;

o Cost over runs or funds remaining at conclusion of grant period;

o Delayed or inaccurate reporting to funding agency;

o Inadequate grants management policies and procedures, training, or implementation;

o Compliance with applicable laws and regulations, Board of Regents policy, USG procedures, Institution policy and procedures, Granting agency policy and procedures, and Federal policy.

There are additional key factors that support a strong internal control system.  Two of the most significant are separation of responsibilities/duties and an effective conflict of interest program.   An internal control system should establish division of responsibilities for those individuals who prepare, review, affirm, negotiate, and/or approve grants.  In this respect, internal control is each employee’s responsibility. If insufficient staffing is an issue, then an objective third party, familiar with the grant details and agency requirements, could provide a compensating control. 

In the area of grants, duties of the PI and research related support staff should be different from duties of the Office of Sponsored Programs (OSP) staff.  If the line between OSP and PI is removed (OSP personnel are the PI or research staff), then a level of internal controls is removed.

Conflict of interests can be financial, reputational, commitment (i.e. other commitments prevent full effort to primary responsibilities), or personal (i.e. use of grant funds for personal equipment or travel).   Employment of relatives can be perceived as a conflict if a personnel action is within a hiring manager’s span of management control, even when the relative is not a direct report. See BOR Policy Section 8.2.3, specifically “line of authority”.  Each institution should include references to conflict of interest in their grant administration policy, and require mitigation plans when conflicts of interest are identified.

Opportunities for errors exist at each step of the grant administration process, increasing the risks of incorrect financial reporting, non-compliance with regulations, fines, and/or return of funds to the granting agency. Internal controls designed to detect errors are essential to successful operations.  The challenge is to identify risk areas and to design controls that will reduce risks or to detect vulnerabilities.  In the next issue of Briefing, we will publish a list of common risks.

The BOR expects that institutions will properly administer federal grants. Many USG institutions provide educational, informational or technical training on structure and guidance in grants administration.  The OIAC encourages all institutions to develop internal control systems that will help reduce risks and detect vulnerabilities in grant processes.  Below is a high-level chart illustrating grants processing.  The four horizontal bands represent the Awarding Agency, PI and, research support team, the Office of Sponsored Programs or Research, and sub-recipient entities.

Sandra Evans, OIAC Auditor,  sandra.evans@usg.edu

Rob Roy, Educational Access, rob.roy@usg.edu

​