 |
|
3/7/2024
|
Auditor General reports findings and management comments resulting from fiscal 2023 audit of state’s financial statements
|
STATE HOUSE – The Office of the Auditor General identified various weaknesses in the state’s internal control over financial reporting as part of the annual audit of the state’s financial statements for the fiscal year ended June 30, 2023. Government Auditing Standards (GAS) require the formal communication of deficiencies in internal control over financial reporting and material noncompliance identified during the audit.
Management’s responsibility for implementing and maintaining a system of internal control is foundational to ensuring complete and accurate financial reporting, compliance with federal regulations, and safeguarding assets of the state. This responsibility is defined in state statute and federal requirements.
Management focus, training and implementation resources have been insufficient to ensure that departments and agencies are assessing and documenting internal control consistent with management’s overall responsibility for the adequacy of its design and operation. Internal controls safeguard public resources and support accurate financial reporting. The state should commit to providing additional training and implementation materials to assist departments and agencies in documenting their internal control. An internal control assessment and documentation effort should be implemented.
The audit of the state’s fiscal 2023 financial statements was completed in February 2024. This most recent communication prepared by Auditor General David A. Bergantino is directed to the Finance Committee of the House of Representatives and the Joint Committee on Legislative Services – those vested with official oversight of the annual audit. Overall, the report includes 29 findings detailing deficiencies in internal control or noncompliance matters within the state’s financial reporting entity (State and its discretely presented component units).
The state’s current accounting and financial reporting system lacks the integration, functionality, and controls of a comprehensive Enterprise Resource Planning (ERP) system. The lack of integration has led to various manual processes being implemented over time which are prone to error and lack compensating controls to ensure accurate and complete financial reporting.
The multi-year implementation of a new ERP system will require substantial resources and planning to ensure a successful outcome. It is critical that the state remain committed to the selected software vendor to ensure a fully integrated system capable of addressing the current internal control deficiencies, business continuity risks, and inefficient processes inherent in the state’s current financial and administrative systems.
The state can continue to improve its consideration of controls over functions performed by external parties by enhancing the use and documentation of Service Organization Control (SOC) reports. These improvements are necessary and consistent with management’s responsibility for the overall adequacy of the design and operation of internal control.
The complexity of Medical Assistance (Medicaid) program operations adds to the challenge of accurately accounting for all Medicaid financial activity within the state’s financial statements. This complexity increases each year through new federal regulations, complex managed care contract settlement provisions, new state initiatives, and continued challenges relating to the state’s integrated human services eligibility system (RIBridges). Medicaid is the state’s single largest activity - representing nearly 38% of the State’s General Fund expenditures. The state will need to ensure that the design of the next Medicaid Management Information System will provide the functionalities needed to enhance controls over program operations and fiscal oversight.
The accumulation of significant deficits and surpluses in internal service funds need to be avoided to ensure accurate financial reporting and compliance with federal regulations. Significant deficits and surpluses in internal service funds are not allowed by generally accepted accounting principles and federal regulations as such amounts represent the understatement (deficits) or overstatement (surpluses) of expenditures in other funds included in the state’s financial reporting.
The state can improve controls over recording federal revenue to ensure (1) amounts are consistent with the limitations of grant awards from the federal government and (2) federally claimed expenditures are consistent with amounts recorded in the state’s accounting system.
A significant number of material audit adjustments were required during our audit of the state’s fiscal 2023 financial statements. Material audit adjustments are indicative of weaknesses in controls over the preparation of financial statements.
The complexity of Treasury operations has increased substantially over the years without significant modifications to the state’s investment in technology and personnel to support those efforts and to ensure internal control best practices are maintained.
Within the Intermodal Surface Transportation Fund, controls can be enhanced over the presentation of financial statements to ensure consistent and accurate reporting of fund activity in accordance with generally accepted accounting principles.
Controls over the identification of transportation infrastructure assets have been improved but can be further enhanced to ensure the accuracy of such amounts. Controls should be improved to record the disposal of infrastructure assets when retired or replaced.
The state updated its current cybersecurity readiness and has begun to identify risk mitigation priorities and the resources needed to implement necessary corrective action. The state does not currently have sufficient resources dedicated for the size and complexity of state operations and risk mitigation is not progressing quickly enough.
In addition to findings that impact statewide controls over financial reporting and information security, this report includes findings specific to the Employees’ Retirement System of Rhode Island and Rhode Island State Employees’ and Electing Teachers OPEB System.
The report also includes 7 management comments that highlight opportunities for enhancement of financial-related operational, policy or accounting control matters.
Management’s response to the findings and comments, including planned corrective actions, are detailed in the report. The Auditor General notes that the state’s Single Audit Report for fiscal 2023 is in progress and is scheduled to be completed later this year. That report will include findings related to controls over compliance with federal program requirements and the administration of federal programs.
Link to the report and audit summary are provided below:
State Financial Statement Findings and Management Comments - Fiscal 2023
Audit Summary - State Financial Statement Findings and Management Comments - Fiscal 2023
For more information, contact:
David Bergantino, CPA, CFE, Auditor General
Office of the Auditor General
Providence, RI 02903
(401) 222-2435, x3020
|
|