School system audit reports fraud, noncompliance
This article is republished from Route One Finance, a news platform that covers government finances in Prince George’s County.
Prince George’s County Public Schools (PGCPS) released its fiscal year 2023 federal Single Audit, which reports that the school system was the victim of a $694,000 vendor fraud in 2022 after failing to follow multiple internal policies designed to prevent such frauds. The fraud was first reported in the FY 2022 Single Audit. According to the report, similar policy noncompliance was reported in the 2022 audit. CliftonLarsonAllen LLP, the auditor, reported problems affecting 36 different federal awards. The school system spent $308 million of federal funds in fiscal year 2023.
In addition to the fraud and policy noncompliance, CliftonLarsonAllen reported that accounting personnel have “administrative access rights” to financial recordkeeping software, which places the school system at risk of error or fraud from staff making unauthorized changes to underlying financial records. This was a repeat problem from the 2022 federal Single Audit. Auditors also said that the school system had spent funds related to the Infants and Toddlers Program after the performance end date, which is the last date an awardee is allowed to spend federal funds.
This audit is the latest in a string of audits going back at least a decade identifying issues with PGCPS internal controls and policy compliance, including 2014 and 2019 state audits completed by the state Office of Legislative Audits that found problems with procurement, payroll, and cybersecurity.
History of problems revealed in federal Single Audits
PGCPS had a history of serious accounting problems identified in federal Single Audits from 2014 to 2018, but by 2019 the school system had fixed these issues according to the FY 2019 Single Audit. The 2019 and 2020 federal Single Audits reported no serious problems, known as findings. The past three Single Audits, however, have all reported problems. Auditors reported one finding in the FY 2021 Single Audit, but that number rose to nine findings in FY 2022, including the previously mentioned fraud. The FY 2023 audit has five findings, some of which are repeated from the prior audit, meaning the issues had not been fully addressed.
The 2022 federal Single Audit found that the school system sometimes spent money before signing the appropriate contracts, such as $4.2 million of pandemic-related grant spending prior to a signed contract. The auditor stated that PGCPS “ does not appear to have a process in place to adequately monitor and maintain completed contract files.” The report also noted $2.9 million of payroll inconsistencies related to federal funds, where reported payroll spending did not always match the underlying payroll records. PGCPS officials stated that they did not agree with that finding, calling the differences “most often immaterial.”
The 2021 federal Single Audit found that the school system had not complied with purchasing policies for some procurements. Some emergency requests lacked required approvals, affecting $2.6 million in spending. The school system more than doubled its federal award spending between FY 2021 and FY 2022, going from $155 million to $332 million, because of pandemic-related federal funds.
State audits find repeat purchasing problems and cybersecurity risks, among other findings
The school system’s last performance audit from the Maryland Office of Legislative Audits (OLA) on financial management practices, released in March 2019, found both repeat and new issues with PGCPS practices from the prior audit released February 2014. The OLA stated “PGCPS needs to establish better procedures and internal controls and ensure those processes are effectively operating,” and that it “identified significant security and control risks that existed within PGCPS’ computer systems and network.” OLA audits school systems at least every six years, meaning another state audit report will likely be released within the next year.
According to the 2019 state audit report, the school system “satisfactorily addressed” less than half of the findings from the 2014 audit. Problems with the procurement process were common in the 2019 report. State auditors found that the school system “did not maintain required documentation justifying the use of sole source procurements” and did not ensure that actual amounts paid lined up with the agreed price. This means that the school system may have paid more than they would otherwise have spent if they had followed procurement policy.
When auditors conduct an audit, they typically select a sample of transactions and check the evidence for those transactions, known as “testing.” For a financial statement audit, auditors might ask to see check copies for a certain number of deposits, or invoices for expenses. For a performance audit, like the one completed by OLA, auditors would select transactions and look for evidence that required procedures were followed. If an auditor reports, for example, that they tested ten transactions and found that two of them had problems, it means that 20% of the sample had problems, not that only two problems were found across all transactions during the audit period.
For the problem with sole source documentation, state auditors looked at 15 sole source contracts worth $6.9 million and found that 13 of the contracts (worth a total of $6.8 million) lacked documentation explaining why the school system used the sole source process, which is an exception to the usual requirement of open, competitive bidding meant to ensure governments are receiving the best value for their money. Auditors noted that they found similar problems in the 2014 and 2006 audits. Auditors also reported that the school system had overpaid for purchases through intergovernmental cooperative agreements and had not checked whether they had received appropriate discounts.
In cybersecurity, OLA staff noted that “the PGCPS computer network was not adequately secured,” including that the school system “did not adequately secure its internal network from improper network-level access from PGCPS high school students” and had not protected its computers from malicious software, called malware.
PGCPS also had problems with its payroll process. Auditors wrote that the school system “lacked a policy requiring justification or rationale for executive employee salary increases,” identifying raises of up to 20% for 13 employees.1 The school board was not informed of the raises. State auditors also examined bus driver pay, and found that over a quarter of tested overtime hours had no supporting formal documentation. Auditors also identified duty modifications that lacked “supporting documentation” and may have “increased payroll cost by at least $3.5 million” between August 2017 and December 2017.
Then-Interim Chief Executive Officer Monica Goldson wrote in a March 2019 response that “management agrees with all 19 audit findings and will work diligently to rectify the identified deficiencies.” Goldson retired from PGCPS at the end of the 2022-2023 school year. Goldson also wrote that the school system planned to publish quarterly reports on the implementation of the state’s recommendations from the audit. The most recent update from January 2023 says that PGCPS fixed all relevant problems.
Read Our Other Coverage