The Office of Community Planning and Development (CPD) manages more than $14 billion in disaster recovery funding that Congress appropriated through the Disaster Relief Appropriations Act of 2013 (Public Law (PL) 113-2).  CPD distributed the funds to 34 grantees as Community Development Block Grant Disaster Recovery grants.

PL 113-2 requires grantees to establish adequate procedures to detect fraud, waste, and abuse of disaster recovery funds.  To assist grantees in meeting this statutory requirement, CPD required disaster grantees to establish an internal audit activity.  Internal audits assure that a grantee’s internal controls mitigate program risk and ensure that organizational goals and objectives are met.

We observed that (1) CPD’s guidance for implementing the internal audit requirement was vague and (2) CPD’s level of interaction with disaster grantees concerning the internal audit requirement was inconsistent.

We recommend that CPD provide clearer guidance and instruction to PL 113-2 disaster grantees to assist them in establishing an effective internal audit activity.  Once finalized, such guidance would benefit future disaster grantees required to establish an internal audit activity.  We also recommend that CPD establish a recurring training and discussion forum among the PL 113-2 grantees and CPD that enables grantees to share ideas and receive guidance and information about CPD’s expectations regarding the internal audit requirement.