Skip to content
Breadcrumbs

Post-Payment Audit Process

To ensure that agencies’ payroll, purchase, procurement and travel expenditures comply with state law, the Comptroller’s Fiscal Management Division performs post-payment audits of all state agencies.

Each year, the Expenditure Audit section selects agencies based on a risk assessment. This page explains how the agency audit process works.

Audit Process

Phase 1

Collecting information

  • We send you a notification letter along with a questionnaire that asks about your processing procedures. Once you have filled out the questionnaire, we schedule an entrance meeting with you to discuss the scope and nature of the audit.
  • We select a random sample of your transactions from each group — payroll, purchase, travel and special expenditures — and ask you to pull all related documentation.
  • We may ask you about other transactions or information related to your agency.

Phase 2

Fieldwork

  • We spend time on-site at your agency or remotely reviewing your documentation.
  • We then schedule an exit conference to finalize the fieldwork. This is your last opportunity to submit documentation before we draft a preliminary audit report.

Phase 3

Reporting

  1. We prepare the preliminary audit report, and include:
    • Report issues (Type I findings):
      • Payment issues: When the amount paid is incorrect.
      • Documentation issues: When the lack of documentation does not allow us to verify that the payment is correct and appropriate.
      • Statutory compliance deficiencies: When there is missing documentation, when applicable laws or regulatory guidelines were not followed, or when compliance controls were ineffective or weak.

      Note: We report the number of occurrences and, in some instances, the actual dollar value of these issues in the audit report. The number of occurrences of an issue may cause a type II finding to be changed to a type I finding, as this may indicate that a problem was widespread or systemic.  Additionally, if a type II finding was noted in the agency’s prior audit and the finding was also observed in the current audit, then a type II finding may be changed to a type I since the finding was not corrected.

    • Management issues (Type II findings):
      • Processing or procedural issues such as incorrect Comptroller objects, interagency payments made with warrants, and not using state travel management program contracted vendors (such as Hotel Engine). 
      • Inefficient or ineffective processes that could be improved, for example by using best practices.
      • Noncompliance with the agency’s internal policies.
      • Missed/unimplemented recommended (but not required) processes.

        Auditors inform agency management about these issues separately from the published audit report.

  2. You receive the preliminary report and a corrective action plan form to complete. You will have a deadline to submit responses and detail any corrective policy and procedural changes to be included in the final report.
  3. We review your plan and either follow up with you or close the audit.

Your audit is included in our Quarterly Audit Summary that goes to the Governor's Office, Legislative Budget Board, Senate Finance Committee, House Appropriations Committee, Sunset Commission and State Auditor's Office.

Post-Payment Audit Sequence

  1. Entrance conference occurs.
    • Agency provides documentation.
  2. Auditors begin fieldwork.
  3. Update meeting occurs.
    • Agency can submit additional documentation to support its expenditures.
  4. Exit conference occurs.
  5. Auditor issues preliminary report.
  6. Agency responds to preliminary report.
    • Auditor incorporates agency's response.
  7. Final report is issued.

Post-Payment Audit Documentation

Supporting Documentation:

A state agency must maintain supporting documentation to prove the legality, propriety and fiscal responsibility of payments made from the agency’s funds. The supporting documentation must be made available to the Comptroller's office during a post-payment audit, a pre-payment audit or at any other time.

Centralized Accounting and Payroll/Personnel System (CAPPS):

Post-payment auditors have full access to the agency’s CAPPS data, so they will navigate the CAPPS modules used by the agency to obtain as much information as possible. Access to and review of implemented CAPPS modules and the agency’s use of CAPPS in the business processes under audit may minimize the amount of supporting documentation required from the agency. However, if any information required for the audit is not maintained in CAPPS, the agency must provide the original source documents to the audit team before the start date of the audit. Auditors and agencies will discuss the location of information needed for audit testing, as well as the most efficient and effective way to provide documentation.

The sections below list specific examples of the documents and information typically required for auditors to validate the transactions selected for testing in the post-payment audit. Additional documentation may be requested during the testing phase.

Confidential Information Must Be Encrypted Before Emailing to Fiscal Management:

Do not use email to communicate confidential information. Email is not a secure transmission. You must provide an encrypted attachment for any confidential information sent via email, as prescribed by your agency’s information security policy. Please review Confidential Information Must Be Encrypted Before Emailing to Fiscal Management (FPP D.004) for more information.

Required Documentation for the Payroll Sample

Below are specific examples of documents needed to validate payments and payroll deductions based on the comptroller object codes used for the transactions selected for testing.

For all employees selected
  • List of the agency employees authorized to approve personnel action forms (PAFs) and other supporting documents.
  • Withholding Exemption Certificates (W-4) to support the Social Security number.
  • Applications/resumes.
  • New hire documentation (PAFs, offer letters, prior state service forms, etc.).
Regular salary (comptroller objects 7001-7016)
  • PAF and any other relevant documentation (such as performance evaluations for merit increases, merit increase policy/guidelines, etc.) to support the transaction’s effective date, amount paid and comptroller object.
  • Time record(s) if the employee is paid at an hourly rate or if the employee worked other than normal hours.
Compensatory (comptroller object 7019) and overtime (comptroller object 7021)
  • PAF and other documents that support the hourly rate used to calculate the payment.
  • Time/leave records that support the amount of the compensatory/overtime payment.
Longevity (comptroller object 7022) and hazardous duty (comptroller object 7020)
  • Employment documents to support the longevity and hazardous duty payment amounts (i.e., new hire/rehire/leave-without-pay personnel action forms [PAFs] and verifications of prior state service).
  • Documentation showing the agency-determined effective service date for the employee.
  • Documentation to show the employee’s status for the first day of the month for the transaction pay period if the employee works less than full time.
Lump-sum vacation (comptroller object 7023) and lump-sum death (comptroller object 7024)
  • Terminating PAF in effect for the transaction payment period.
  • Any other documentation that supports the additional pay included in the calculation of the hourly pay rate.
  • Employee leave records to support the vacation and/or sick leave balance(s) in effect at the time of termination.
Bonuses and other (comptroller objects 7017, 7018, 7028, 7030, 7031, 7046, 7047, 7048, 7051)
  • PAFs and other documentation to support these types of payments.
  • Agency policies on eligibility to receive these payments.
Benefit replacement pay (BRP) (comptroller object 7050)
  • State employment history to support the employee’s eligibility for the payment and documentation to verify BRP base pay (such as PAFs in effect for September 1, 1995, leave-without-pay PAFs, prior state service forms).
  • Authorization for leveling of BRP.
Payroll deductions (charities, credit unions, employee organizations and prepaid tuition)
  • Authorized payroll deduction forms.

Required Documentation for the Purchase Sample

The following documentation is needed to validate the purchase payments:

  • The approved purchase voucher.
  • The purchase order and contract/agreement (as applicable), including any related purchase order change notices (POCNs) and amendments.
  • The invoice.
  • The confirmation that goods/services were received as expected and billed.
  • Any other documentation required to support the purchase (per eXpendit and the State of Texas Procurement and Contracting Manual).

Required Documentation for the Payment Card Sample

The following documentation is needed to validate the payment card payments:

  • The credit card statement that lists the transaction selected for testing, including evidence of the date the statement was received.
  • The related Uniform Statewide Accounting System (USAS) document ID (if not provided by auditors).
  • The payment card log, when applicable.
  • Preapprovals and monthly reconciliations, as necessary.
  • Receipts from the vendor of the goods or services.
  • The purchase order, when applicable.
  • Evidence confirming goods/services were received.
  • Screen prints of the order from the vendor, if purchased online.
  • Printout of the warrant hold check on the vendor, when applicable.
  • Any other documentation required to support the purchase (per eXpendit and the State of Texas Procurement and Contracting Manual).

Required Documentation for the Travel Sample

The following documentation is needed to validate the travel payments and reimbursements:

  • The signed travel voucher.
  • All associated invoices/receipts.
  • Invoices from the vendor (for direct bill travel payments).
  • Detailed information for mileage reimbursements.
  • Evidence of preapproval (as applicable).
  • Cost-comparison analysis for the travel method used.
  • Justifications and/or authorizations for any unusual transactions.
  • Any other documentation needed to support the travel voucher (per TexTravel).

Required Documentation for the Travel Card Sample

The following documentation is needed to validate travel card payments:

  • The credit card statement that lists the transaction selected for testing.
  • The related USAS document ID (if not provided by auditors).
  • Preapprovals and monthly reconciliations, as necessary.
  • The signed travel voucher associated with the transaction.
  • All associated invoices/receipts.
  • Cost-comparison analysis for the travel method used.
  • Justifications and/or authorizations for any unusual transactions.
  • Any other documentation needed to support the travel payment (per TexTravel).

Required Documentation for the Grant Sample

The following documentation is needed to validate grant payments:

  • The signed grant contract or purchase order.
  • The invoice from the grantee.
  • Any other documentation necessary to support the grant payment (per eXpendit and the State of Texas Procurement and Contracting Manual).

Required Documentation for the Refund of Revenue Sample

Documentation showing a valid reason for and correct payment of refunds of revenue.

Required Documentation for Procurement/Contracts

Solicitation documentation:

  • Draft/initial solicitation documentation – all parts/attachments/exhibits.
  • Stakeholder meeting documentation (e.g., needs assessment, total value estimate, acquisition plan, quality assurance).
  • Requisition.
  • Historically underutilized business (HUB) coordinator review of subcontracting opportunities.
  • Proprietary purchase justification (if applicable).
  • Emergency justification (if applicable).
  • External reviews/approvals obtained (including evidence of agency request and receipt of approval).
    • Contract advisory team (CAT) review for contract ≥ $5 million.
    • Quality assurance team (QAT) review for major information resource project (MIRP) contract ≥ $10M.
    • Statewide Procurement Division (SPD) review/delegation letter.
    • Department of Information Resources (DIR) approval of statement of work (SOW) price request with value > $50,000.
    • DIR exemption from use of DIR cooperative contracts for IT commodity items.
    • DIR/Legislative Budget Board (LBB) approval not to use DIR’s data center services (DCS).
    • Governor finding of fact.
    • State Auditor’s Office (SAO) delegation to obtain audit services.
    • Office of the Attorney General (OAG) approval to retain outside counsel services.
    • Other.
  • If CAT or QAT review occured, provide copy of review. If recommendations are not complied with, provide written explanation regarding why the recommendation is not applicable to the procurement.
  • Final solicitation (including all parts/attachments/exhibits).
  • Final Centralized Master Bidders List (CMBL) (dated CMBL listing – extracted from CMBL using National Institute of Government Purchasing [NIGP] class/item codes and, if applicable, agency head or designee approval of supplements to bidder list).
  • Internal approval to issue solicitation.
  • Electronic State Business Daily (ESBD) posting (including dated ESBD printout of posting and/or ESBD generated email notification of confirmation of posting).
  • Solicitation announcement issued to all vendors on final bid list (email printout).
  • Texas Register publication (including dated Texas Register printout and/or Texas Register email notification of confirmation of publication).
  • Solicitation issuance via email (e.g., informal bidding) (including evidence of issuance to bidder list).
  • Pre-proposal conference agenda and sign-in sheet (including dated ESBD printout of posting and/or ESBD generated email notification of confirmation of posting).
  • Copies of questions from potential respondents (including proof of timely receipt).
  • Question and answer document issued (including evidence of issuance, e.g., ESBD printout of posting and/or ESBD generated email notification of confirmation of ESBD posting).
  • Solicitation addenda issued (all parts/attachments/exhibits including evidence of issuance, e.g., ESBD printout of each posting and/or each ESBD generated email notification of confirmation of posting).
  • Finalized scoring matrix and initial administrative review criteria.

Evaluation documentation:

  • Copies of all offers, bids or responses (including proof of timely receipt).
  • Administrative review of documentation for each offer (i.e., responsiveness screening tracking sheet for each response). Results of initial evaluation(s) of all registered and received offers including a detailed explanation of why offers were rejected or disqualified.
  • HUB coordinator review of HSP for each response (including evidence of approval/disapproval).
  • Vendor Performance Tracking System report or dated printout showing “no results found” or “none” for each respondent.
  • Signed nondisclosure and conflict of interest statement from each evaluation committee member.
  • All completed evaluation committee member score sheets of all qualified offers (score sheets from all scoring committee members for all scoring rounds).
  • Bid tabulation and/or master evaluation score sheet of all qualified offers (completed).
  • Internal approval for tentative contract award or cancellation of solicitation.

Contract award documentation:

  • External reviews/approvals obtained (including evidence of agency request and receipt of approval).
    • QAT review for MIRP contract ≥ $10 million.
    • DIR approval of SOW price request with value > $50,000.
    • OAG approval of outside counsel services contract.
    • Other.
  • Required agency verifications:
    • Agency verification of best-value standards (34 Texas Administrative Code Section 20.217[a]).
    • Agency verification of complete procurement file (Texas Government Code, Section 2262.053).
    • Compliance of procurement with state law and agency policy and notification of potential issues for contracts > $5 million (Texas Government Code, Section 2261.255).
    • Other.
  • Required agency approval and signature of contract > $1 million (Texas Government Code, Sections 2261.254[c]-[d]).
  • Signed conflict of interest disclosure statement for procurement and contract management employees (Texas Government Code, Section 2261.252).
  • Signed SAO nepotism disclosure form for agency personnel for contract ≥ $1 million.
  • Vendor-signed Texas Ethics Commission Form 1295 for contract.
  • Comptroller’s office Debarred Vendor List check, with dated printout or other proof.
  • System for Award Management (SAM) and Office of Foreign Assets Control (OFAC) checks of vendor, with dated printout or other proof.
  • Energy company boycott check, with dated printout or other proof.
  • Iran, Sudan and foreign terrorist organization check of the Texas Treasury Safekeeping Trust Company (TTSTC) divestment statutes lists, with dated printout or other proof.
  • Boycott Israel check of the TTSTC divestment statutes lists, with dated printout or other proof.
  • Warrant hold status check, with dated printout or other proof.
  • Franchise tax status check, with dated printout or other proof.
  • Signed contract.
  • Purchase order.
  • Notice of award (including evidence of issuance):
    • ESBD.
    • Texas Register.
    • Email notification to bidders list (e.g., informal bidding).
    • QAT review for MIRP contract ≥ $10 million.
    • LBB contract reporting.
    • Other.
  • Notice of cancellation of solicitation (including evidence of issuance):
    • ESBD.
    • Texas Register.
    • Email notification to bidders list (e.g., informal bidding).
    • QAT.
    • Other.

Recovery Audit Techniques

In conjunction with the post-payment audit, we have incorporated additional audit procedures to identify recoverable monies for state agencies. These procedures are conducted during the planning and fieldwork phases of the audit and may require you to provide additional supporting documentation.

  • Purchase and contract reviews help Expenditure Audit identify potential recoveries such as discounts, rebates and other contract savings.
  • Duplicate payment reports help identify potential duplicate payments by generating and reviewing data to test agency payments for goods and services.

If your agency is being audited, the auditor can answer any specific questions you may have about documentation to provide.