Page 36 - Financial Report 2020
P. 36

PRIVACY	AND	CIVIL	LIBERTIES	OVERSIGHT	BOARD






               Enterprise	 Risk	 Management,	 Internal	 Controls	 System,	 and	 Implementation	 of
               Federal	Managers’	Financial	Integrity	Act
               Guidance	for	implementing	FMFIA	(31	U.S.C.	3512)	is	provided	through	OMB	Circular	A-
               123,	 Management’s	 Responsibility	 for	 Enterprise	 Risk	 Management	 and	 Internal	 Control.
               PCLOB	took	into	consideration	the	best	practices	set	out	by	the	GAO	as	well	as	the	guidance
               provided	by	the	OMB	when	developing	the	agency’s	Internal	Controls	Framework	(“ICF”)
               Manual,	 issued	 in	 February	 2019	 with	 the	 goal	 of	 ensuring	 sound	 financial	 and	 non-
               financial	 risk	 management	 while	 accounting	 for	 the	 PCLOB’s	 small	 size	 and	 limited
               resources.	 The	 ICF	 Manual	 sets	 out	 the	 agency’s	 oversight	 role	 and	 strategic	 decision-
               making	 over	 enterprise	 risk	 management	 and	 policies	 and	 procedures	 for	 establishing,
               assessing,	correcting,	and	reporting	on	internal	control.

               To	 ensure	 the	 agency	 continues	 to	 maintain	 a	 robust	 internal	 control	 framework	 and
               continue	meeting	the	guidelines	established	in	the	ICF	Manual	despite	its	small	size,	PCLOB
               outsources	with	an	independent	contractor	to	provide	internal	controls	support	services,
               such	as	risk	assessment,	testing,	and	remediation,	with	oversight	from	the	Chief	Financial
               Officer.

               In	 FY	 2020,	 the	 first	 evaluation	 of	 the	 internal	 controls	 and	 assessment	 of	 risks	 over
               program	 operations	 was	 performed.	 The	 Board	 documented	 its	 key	 controls	 to	 address
               risks	 and	 assessed	 the	 design	 and	 operating	 effectiveness	 of	 these	 controls	 through
               detailed	 test	 procedures.	 The	 Board	 also	 tested	 the	 operating	 effectiveness	 of	 control
               activities	that	were	found	to	be	deficient	in	prior	assessments.	The	PCLOB	Chief	Financial
               Officer	analyzed	the	magnitude	of	internal	control	deficiencies,	both	individually	and	in	the
               aggregate,	 to	 determine	 whether	 a	 material	 weakness	 existed	 in	 the	 financial	 reporting
               processes.

               In	summary,	the	agency’s	internal	control	program	is	designed	to	ensure	compliance	with
               the	 requirements	 of	 the	 Federal	 Managers’	 Financial	 Integrity	 Act	 and	 other	 federal
               regulations.

               Payment	Integrity	Information	Act

               PCLOB	 is	 a	 small	 agency	 operating	 under	 one	 program,	 with	 no	 activities	 that	 are
               susceptible	to	the	threshold	amounts	stated	in	the	Payment	Integrity	Information	Act	of
               2019	(“PIIA”),	which	amended	requirements	stated	by	the	Improper	Payments	Information
               Act	 of	 2002,	 the	 Improper	 Payments	 Elimination	 and	 Recovery	 Act	 of	 2010,	 Improper
               Payments	Elimination	and	Recovery	Improvement	Act	of	2012,	and	the	Federal	Improper
               Payments	 Coordination	 Act	 of	 2015.	 By	 definition,	 significant	 improper	 payments	 are
               defined	as	gross	annual	improper	payments	exceeding	both	1.5	percent	of	program	outlays
               and	 $10	 million	 of	 all	 program	 or	 activity	 disbursements	 made	 during	 the	 fiscal	 year
               reported	or	$100	million	(regardless	of	the	improper	payment	percentage	of	total	program
               outlays).	The	Board	performs	a	risk	assessment	at	least	once	every	three	years	with	the





                                                                    FY	2020	AGENCY	FINANCIAL	REPORT           27
   31   32   33   34   35   36   37   38   39   40   41