Auditor Fitzpatrick issues report on state agencies' use of federal dollars

Missouri State Auditor Scott Fitzpatrick today released his office's review of how Missouri state agencies managed and spent approximately $21.1 billion in federal funds during Fiscal Year 2024. This year's Statewide Single Audit reviewed 16 major federal programs with expenditures totaling approximately $16.2 billion, administered by 10 state agencies.

"The Statewide Single Audit is an important tool to help our state minimize waste and improve the efficiency with which our state agencies manage federal programs and the billions of dollars that flow through them," said Auditor Fitzpatrick. "I'm proud of the work our staff has done to identify areas where we can save millions of state tax dollars. Over the last three reports, we've identified savings totaling more than $11.5 million annually in state taxpayer funds, which is especially important as legislators face the prospect of tough budget years ahead."

Fitzpatrick added, "It is concerning that the majority of the findings in this report are similar to findings from past audits, which means many of the state agencies we review have yet to put our previous recommendations into place. I encourage state officials responsible for correcting these repeat findings to take the steps necessary to implement our recommendations so taxpayers can be confident the billions of federal dollars flowing into our state are spent appropriately."

The audit of the state's expenditures of federal awards for the fiscal year ended June 30, 2024, contains 17 findings, of which 13 were repeated from prior Single Audits. These findings have been reported in the 1 to 5 prior years. The current audit report contains 4 findings regarding state agencies failing to properly monitor more than $3 billion in funds passed through to subrecipients in Fiscal Year 2024. The audit identifies weaknesses in monitoring procedures in the Coronavirus State and Local Fiscal Recovery Funds (SLFRF) and for the Child and Adult Care Food Program (CACFP), while also finding that no monitoring was performed by the State Emergency Management Agency (SEMA) for any disaster program subrecipients.

As similarly noted in the Fiscal Year 2023 audit, the report found the Department of Health and Senior Services (DHSS), which oversees the CACFP, does not have sufficient controls and procedures to ensure reimbursements to child and adult care facilities and sponsors are allowable and supported with sufficient documentation. The audit also found DHSS subrecipient risk assessment and monitoring procedures are not sufficient to ensure CACFP subrecipient compliance with program requirements. As a result, significant unallowable and unsupported reimbursements are made without being prevented or detected on a timely basis, and monitoring reviews have identified significant issues and claim errors, including some potentially fraudulent activity, and led to over 15 contract terminations in recent years.

A randomly-selected sample of 60 DHSS monitoring reviews conducted for 60 CACFP facilities/sponsors during the year ended June 30, 2024, noted DHSS disallowances (overclaims/underclaims) in 43 of 59 (73 percent) reviews for which meal reimbursement claims were tested. Overclaims totaled $48,508 (40 reviews) and underclaims totaled $10,144 (3 reviews), with a net overclaim of $38,364, or at least 7 percent of claims tested by the DHSS. While the DHSS adjusted subsequent claims to recoup or reimburse for the identified overclaims/underclaims, unallowable costs could be significant if similar errors were made on the remaining population of CACFP meal reimbursements totaling approximately $67 million. The audit report notes the DHSS continues to disagree with the State Auditor's Office recommendations and believes their procedures are sufficient and in compliance with federal regulations. However, April and June 2025 emails from a USDA - Food and Nutrition Service (USDA-FNS) official to the DHSS regarding the prior audit finding indicates corrective action was required and made after the audit period and validated by the USDA-FNS.

As similarly noted in the previous Statewide Single Audit, the Office of Administration (OA) has not established policies and procedures regarding monitoring subrecipients of the Coronavirus State and Local Fiscal Recovery Funds (SLFRF) program. For the year ended June 30, 2024, approximately $186 million was passed through to subrecipients of the SLFRF program. The report recommends the OA develop a subrecipient monitoring program in accordance with federal requirements that include performing risk assessments for each subrecipient for the purposes of determining the appropriate subrecipient monitoring procedures; monitoring for compliance with federal requirements and subaward terms and conditions, and ensuring subaward performance goals are achieved; and reviewing subrecipient single audit reports.

Another finding in the report highlights how the State Emergency Management Agency (SEMA) did not perform subrecipient monitoring reviews or review subrecipient single audit reports for the Disaster Grants - Public Assistance (Presidentially Declared Disasters) (DGPA) as required. The SEMA disbursed approximately $180 million to 320 DGPA program subrecipients during the year ended June 30, 2024. The SEMA's Monitoring Specialist performed risk assessments for all 890 subrecipients of open projects during the year ended June 30, 2024; however, the SEMA did not perform the 190 monitoring reviews of these subrecipients as required by the monitoring policy.

A significant finding similar to one in each of the last two Statewide Single Audit reports could save the state at least $1 million annually in state taxpayer funds. The Department of Social Services (DSS) did not include a type of fringe benefit costs in the AlloCAP system, totaling approximately $2.66 million during the year ended June 30, 2024. As a result, allowable costs were paid from state funding, that could have been allocated to federal funding for various federal programs. The identification of this issue will allow DSS to pay for these services with federal funds rather than state funds. Previous audits detected similar errors that saved the state more than $10.5 million annually.

Of the 17 findings contained in the Statewide Single Audit, 7 are related to the administration of the Medicaid program and the Children's Health Insurance Program (CHIP) by the DSS and the DHSS. One finding notes how the DSS - MO HealthNet Division (MHD) does not have sufficient controls to ensure benefits are terminated for participants no longer eligible for Medicaid and CHIP. A review found a death match was not operating in the Medicaid Eligibility Determination and Enrollment System during the year ended June 30, 2024. Additionally, for 1 of 60 participant cases sampled, the DSS received information requiring participant case termination, but did not manually terminate the participant's eligibility in the applicable eligibility system. As similarly reported in the 5 previous audits, the DSS has still not corrected manual system overrides for approximately 10,200 (1 percent) of MAGI-based Medicaid and CHIP participants, preventing their cases from being identified as needing a redetermination and closed when necessary. As of June 30, 2024, these participants remained enrolled without redetermination of eligibility for up to 10 years. As noted in the previous audit, the MHD lacked adequate controls of Medicaid and CHIP receipts totaling approximately $1.5 billion.

Additionally, the audit found the MHD did not review and remove access rights for the Medicaid Management Information System (MMIS) in a timely fashion for users no longer employed in positions needing access. A sample of 60 MMIS users found 1 terminated user whose access had not been removed for nearly 2 years. The audit also found, as it did in three previous audit reports, the DHSS did not perform Medicaid facility survey procedures within required timeframes.

The audit identified significant problems with the new Child Care Data System (CCDS) implemented by the Department of Elementary and Secondary Education (DESE) during the audit. CCDS operations have been problematic as various programming and data migration errors have caused overpayments and underpayments to providers. A review of 45 CCDS payments totaling $25,902, identified 35 (78 percent) that contained 1 or more types of errors.  A sampling of 60 monthly payments, which includes the 45 CCDS payments, to providers for child care found the DESE overpaid providers for 29 of the payments and underpaid 8 providers. The audit recommends the DESE continue to review, strengthen, and enforce internal controls to ensure payments are made in accordance with the Child Care program subsidy state plan.

Additionally, the audit found the DESE, the Department of Economic Development (DED), and the Department of Higher Education and Workforce Development (DHEWD) need to strengthen internal controls related to Federal Funding Accountability and Transparency Act (FFATA) reporting. During state fiscal year 2024, the DESE did not comply with FFATA reporting requirements for any of the 1,398 first-tier subawards, totaling approximately $330 million, for the Child Nutrition Cluster programs. The DED did not comply with FFATA reporting requirements for any of the 47 first-tier subawards, totaling approximately $196.7 million, for the Coronavirus Capital Projects Fund program. The DHEWD did not comply with FFATA reporting requirements for 4 of 10 subawards reviewed for the Workforce Innovation and Opportunity Act (WIOA) Cluster.

Another finding in the report notes how the Missouri Department of Transportation (MoDOT) did not establish policies and procedures to monitor contractor and subrecipient compliance with Build America, Buy America (BABA) domestic preference provisions for Infrastructure Investment and Jobs Act-funded projects of the Highway Planning and Construction program.

A complete copy of the Statewide Single Audit for fiscal year 2024 is available here.