Auditor of State’s Office Revamps Compliance Supplement

Compliance Supplement 2013

Monday, December 17, 2012

While the primary focus of an audit is financial statements and the controls necessary to support good financial reporting, Ohio governments and school districts are also required to comply with any applicable laws.

Even though such compliance is a management responsibility that cannot be delegated, the Auditor of State’s office has for many years published a guidance document to help entities evaluate those laws that commonly present management or audit issues: the Auditor of State Compliance Supplement.

Needless to say, “compliance” is a broad topic. Over the years, the accumulated experience and knowledge represented in the Compliance Supplement has caused the manual to grow to seven chapters and 615 pages.  Any treasurer, fiscal officer, administrator, or board or council member will be familiar with the chapter headings of the supplement: budgeting, expenditures, contracts, debt and so on.

In 2013, the Compliance Supplement is undergoing a significant change. While the current format is useful and pertinent to a good audit, it emphasizes formality over meaning. Formality is important, indeed inherent in audit work, and in the end, there can be no compliance without formality. But mere technical compliance is not enough: Management is responsible for “the big picture” as well.

The 2013 Compliance Supplement has been revamped to assist in meeting that obligation. Instead of seven chapters, the new Compliance Supplement has three chapters (roughly 300 pages):  Direct Laws, Indirect Laws, and Stewardship and Mandates.  The reorganization will help focus audit expenditures on those areas providing the greatest impact on audit results.

Direct laws are those having a direct effect on financial statement amounts. Examples are appropriations, spending restrictions, use of specific funds, fund-balance reserve requirements, bonds and notes, self-insurance actuarial liabilties, income tax and pension obligations, vacation and sick leave liabilities, and fraud.

Auditing of direct laws will be subject to substantive testing and control considerations.

Indirect laws are those that do not have a direct effect on financial statement amounts, but are fundamental to the operation of the entity and have associated noncompliance penalties that are potentially material to the entity.  Examples include investment policies being filed with the Auditor of State’s office, force accounts, and eligible investments for interim and inactive funds.

Auditing of indirect laws will be subject to inquiry as well as document and correspondence review.

The third category of compliance is Stewardship & Mandates, representing laws that are not related to financial reporting, but are important to stakeholders, including the legislature.

Examples include open meetings and public records, conflict of interest, prohibited political activity, school anti-bullying, and employee notification of fraud reporting mechanisms, including the Auditor of State’s Fraud Hotline.

In reorganizing and simplifying the Compliance Supplement, we are moving some procedures to a separate, detailed optional procedures manual and removing some requirements altogether. This does not mean those requirements are unimportant or that they will not be audited. It does mean that fewer audit procedures will be routinely conducted.

Serving Ohio taxpayers requires making judgments about where scarce resources will yield the best results. Management, by definition, is responsible for doing so. The Auditor of State’s 2013 Compliance Manual follows a long tradition of helping make that job easier.