How US grant recipients can achieve audit compliance leveraging SAP Ariba solutions
At SAP Ariba, we collaborate with our customers frequently regarding the value of our end-to-end solutions. This discussion usually includes the benefits derived from say contract compliance, such as with catalog-based requisitions, orders and supplier invoices that exactly mirror previously established contract pricing.
But there is another critical benefit regarding compliance that certain customers must consider when configuring and optimizing their SAP Ariba solutions: regulatory compliance.
SAP Ariba customer organizations include hospitals, institutions of higher learning, research and development entities and local governments. Such organizations often receive US Federal grant funding with related audit requirements being implemented by the Single Audit Act. For these customers, regulatory compliance is equally, if not more, valued.
Following is an overview of audit compliance challenges and concerns faced by many such customers. And offered are specific strategies and tactics for how SAP Ariba procurement solutions can serve as an integral part of your compliance program.
Audit Framework Governing Grant Expenditures
In December 2013, the US Office of Management and Budget (OMB) issued comprehensive grant reform rules generally referred to as the Uniform Grant Guidance (UGG). The UGG is published in the Code of Federal Regulation at Title 2: Grants and Agreements, Part 200—Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The UGG implementation was deferred and became effective December 26, 2017.
On June 20, 2018, some relief to the scope of covered expenditures was provided by OMB Memorandum 18-18 raising the micro-purchase threshold to $10,000 and the simplified acquisition threshold to $250,000 for all recipients.
This year will see the first round of UGG audits, with corrective action planning and implementation to follow into 2019. Unlike audits performed for US Federal contractors, grant-related audits are performed by private sector audit firms. So, the UGG audits are relatively new for many accountancies, too. Also unlike US Federal contractors, many grant recipient organizations do not have cash reserves sufficient to reimburse any costs determined to be non-compliant.
Within this community of customers, considerable preparation has occurred. By now, customers subject to the UGG should have well-developed strategies for compliance that include use of their SAP Ariba procurement suite. However, if this topic is new to you or your organization is a little uncertain how to tap-into the tremendous flexibility and power of the SAP Ariba procurement suite in support of UGG compliance, read on.
Procurement Expenditure Scrutiny is Greatly Increased under the UGG
A major concern shared by many grant recipients regarding the UGG standards is the increased procurement rigor for supply chain related expenditures. Grant recipients must now demonstrate within procurement transaction documentation compliance with their own policies and procedures, and compliance with the various UGG standards such as competition, contract cost and price justification, bond administration, etc.
People resources with sufficient skills and experience to achieve compliance will undoubtedly be a constraint for customers. Critical then to achieving compliance efficiently and effectively is a strategy for implementing the SAP Ariba procurement solutions in a manner which guides users through each step of a compliant process while concurrently creating the required documentation.
Leveraging SAP Ariba in your Expenditure Compliance Strategy
Identified at §200.320, Methods of procurement to be followed, are the five permitted approaches to administering procurement expenditures and ensuring documentation of the resulting transactions:
- Procurement by micro-purchases
- Procurement by small purchase procedures
- Procurement by sealed bids
- Procurement by competitive proposals
- Procurement by noncompetitive proposals
SAP Ariba solution configuration should assure that resulting expenditures are coded with attributes that map each transaction to one of these methods of procurement to ease later identification and reporting.
Fortunately for SAP Ariba users, the solutions offer features and functionality that are structured very closely to these procurement methods. Solution usage insights and strategies for each of the five procurement methods are provided within Table 1.
|Table 1 – SAP Ariba UGG Compliance Insights and Strategies|
|Procurement Method||Primary Users||Primary Solutions||Features and Functionality|
|Micro-Purchases||· Self-Service||· Spot Buy||· Approval workflows|
|Small Purchases||· Procurement Operations||· Contracts, Sourcing, Discovery||· Sourcing template libraries|
|Sealed Bids||· Sourcing & Contracting Professionals||· Contracts, Sourcing, Supplier Lifecycle & Performance (SLP)||· Sealed bidding functionality, bid rules and tabulation|
|Competitive Proposals||· Sourcing & Contracting Professionals||· Contracts, Sourcing, Supplier Lifecycle & Performance (SLP)||· Flexibility in creating complex RFx|
|Non-Competitive Proposals||· Sourcing & Contracting Professionals||· Contracts, Sourcing, Supplier Lifecycle & Performance (SLP)||· Justification documentation options|
|All methods:||· Suppliers, requisitioners, buyers, AP, Legal, Contract Audit, external auditors||· SLP, Strategic Sourcing, Ariba Buying and Invoicing, Ariba Network||· Robust task functionality and history tracking, e-signature|
A Tactical Guide to Planning for Compliance
A first step in designing UGG compliance into your SAP Ariba solutions is through the tactical process of listing the requirements of every applicable UGG standard in a control matrix. The UGG Procurement Standards are identified at §200.317 through §200.326.
Identify who within the organization is accountable for each standard and therefore the associated control. Consider in which SAP Ariba solution a control is best established, however note that multiple controls may be appropriate. Identify where and how your SAP Ariba configuration addresses each UGG standard. Consider to what extent safeguards exist to prevent the circumvention of a control, and what reporting and monitoring exists to detect any control anomalies.
Indicate if compliance is achieved through a system or manual control. For example, if using SAP Ariba Contracts and Advanced Contract Authoring to generate the list of required provisions in a contract, that would be a system control. If generating contracts is a manual activity outside of SAP Ariba Contracts, that is a manual control.
Table 2 – Illustrative Control Matrix
Procurement Standard: §200.319 – Competition
Standard Owner: <ID>
|Micro-Purchases||Small Purchases||Sealed Bids||Competitive Proposals||Non-Comp. Proposals|
|Policy No.:||<ID No.>||<ID No.>||<ID No.>||<ID No.>||<ID No.>|
|Procedure No.(s):||<ID No.(s)>||<ID No.(s)>||<ID No.(s)>||<ID No.(s)>||<ID No.(s)>|
|Solution(s) Used:||<ID solutions>||<ID solutions>||<ID solutions>||<ID solutions>||<ID solutions>|
|Control(s):||<ID control(s)>||<ID control(s)>||<ID control(s)>||<ID control(s)>||<ID control(s)>|
|Record Retention:||<ID location(s)>||<ID location(s)>||<ID location(s)>||<ID location(s)>||<ID location(s)>|
|Internal Monitoring:||<ID frequency & who performs>||<ID frequency & who performs>||<ID frequency & who performs>||<ID frequency & who performs>||<ID frequency & who performs>|
Note that auditors prefer system controls over manual controls, as system controls are more reliable and less prone to human error. And of course, it is advisable to coordinate these activities with your internal audit and compliance organizations to agree on the goals and objectives for achieving compliance from SAP Ariba solution configuration.
UGG Requirements Influencing Solution Optimization and Support
With an understanding that efficiency and effectiveness is improved through integrating compliance within your SAP Ariba solution configuration, it is advisable to review the UGG to identify and prioritize requirements that will require technical resources to implement.
For example, within §200.326, Contract provisions, is a requirement to include within procurements the applicable provisions described in Appendix II to Part 200—Contract Provisions for non-Federal Entity Contracts Under Federal Awards. These requirements include numerous provisions (i.e., termination for cause and for convenience, Equal Employment Opportunity, Davis-Bacon Act, the Copeland “Anti-Kickback” Act, and others). Attributes set in each Contract Workspace should conditionally populate the appropriate provision into each authored contract.
Government’s Remedies for Non-compliance
An additional concern for grant recipients is failing to demonstrate compliance with the UGG standards as outlined at §200.338, Remedies for non-compliance.
Failure to comply with Federal statutes, regulations or the terms and conditions of a Federal award can result in the Federal awarding agency imposing additional conditions, as described in §200.207, Specific conditions.
If the Federal awarding agency determines that noncompliance cannot be remedied by imposing additional conditions, remedies to the Government include disallowing of all or part of the cost of the activity or action not in compliance, termination, suspension and/or debarment.
About the Author
Don Seward is Director of Value Realization at SAP. He has over 30 years of experience in regulated industries and a variety of related roles including VP of Procurement Transformation, global head of procurement, Federal Purchasing System administrator, Federal Estimating System administrator, and government audit agency liaison.