Looking back, 2023 was a dynamic year marked by growth and new challenges facing institutions. With the national emergency coming to an end, FAFSA simplification rolling out, and an updated audit guide, institutions have a unique opportunity to make 2024 a season of growth and a refresher on best practices.
Out with the old…
Effective for fiscal years beginning on or after January 1, 2024, the updated audit guide will come into play for testing. Below you will find a few highlights of the testing items that will be removed in the upcoming audits:
- Servicer information sheet and testing; while we will continue to verify the responsibilities a servicer provides, there will be a reduction in testing in this area. It’s important to note that institutions are ultimately responsible for their servicers, and thorough compliance reviews are encouraged.
- Student confirmations; goodbye to student confirmations! This testing area has been phased out to streamline the audit process.
- Sample sizes; The requirement to review all students for a universe of 25 or fewer has changed. Universes of 25 or less are now only required to have 10 students in the sample. However, there are a few additional testing requirements that may expand this area if we do not have a sample of at least 5, such as refunds, verification, transfer students, and more.
In with the new…
- Effective immediately, state authorizations are now required for fully online programs if a student resides in a state different from the physical location of the program.
- The GLBA Safeguard elements have been heightened. It’s crucial to review and update your processes to meet the increased safeguard requirements. Check out our past newsletter for a full review of these updates!
- NSLDS enrollment reporting will undergo changes. Program enrollment detail will now be tested, digging deeper into confirming accurate enrollment status, program detail (CIP code, program length), and effective dates. This adjustment aims to ensure more comprehensive and accurate reporting.
- Starting this year, the preparation of the Schedule of Prior Year Findings will no longer be handled by M&A (or your compliance auditor) but will move to the institution. Not to worry, we will have guidance and support in place to facilitate a smooth transition. Watch out for detailed instructions from our team.
Site visits must now be completed in person once again. Rest assured; we have a plan to support you in navigating these in-person site visits. New Year, New Opportunities: Auditor
Recommendations
With the numerous updates this year, it’s crucial to focus on what’s within your control. The M&A team is here to support and assist you in maintaining your institution’s compliance. As you prepare for the year ahead, consider incorporating the following best practices:
- Ensure up-to-date policies and procedures:
- IT Security Program updates to adhere to GLBA (16 CFR §314.4)
- Verification Policy (34 CFR §668.53)
- LOA Policy (34 CFR §668.22(d)(3)(iii))
Make sure these are current, as they will be tested as part of the updated audit guide.
- Review 3rd party servicer guidance, while the audit guide introduces changes to how we test servicer tasks, remember that it is ultimately the institution’s responsibility to ensure reporting accuracy.
- Train staff and conduct internal audits; identify and address areas of the greatest risk within your institution. These challenges present opportunities to thrive in the new audit year.
- Draft meaningful Corrective Action Plans. In addition to completing the prior year schedule of audit findings, use this information to find the root cause of any issues and make impactful changes.
- Share results with staff and stakeholders to stay informed about struggles and successes. Transparency is key to building a strong and resilient compliance culture.
Wishing you a fantastic start to the New Year! If you have any questions or need guidance, please don’t hesitate to reach out. We’re here to navigate these updates with you.