Audit of the Determination of Whether Net State Tax Revenues Exceeded Allowable State Tax Revenues Objectives, Scope, and Methodology

Pursuant to Chapter 62F of the Massachusetts General Laws (inserted by St. 1986, C, 555, S. 2), the State Auditor is required to (1) review and ensure the completeness and accuracy of the Commissioner of Revenue’s Report of the Net State Tax Revenues and Allowable State Tax Revenues for the fiscal year ended June 30, 2022 and (2) independently determine whether net state tax revenues exceeded allowable state tax revenues and report the determination and amount of any excess state tax revenues for the fiscal year ended June 30, 2022, which were the objectives of this audit.

We conducted this performance audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

We gained an understanding of the internal control environment related to the audit objectives at the Department of Revenue (DOR) and the other six state agencies that the Office of the Comptroller of the Commonwealth (CTR) identified as receiving Chapter 62F state tax revenues: the Massachusetts Gaming Commission, the Massachusetts State Lottery Commission, the Massachusetts State Athletic Commission, the Division of Insurance, the Office of the Secretary of the Commonwealth, and the Department of Unemployment Assistance. We accomplished this by reviewing policies and procedures, inspecting documents, and performing inquiries with staff members and management at DOR and the other six state agencies.

We performed the following procedures to obtain sufficient, appropriate audit evidence to address our audit objectives.

• We reconciled Chapter 62F state tax revenues received by DOR and the other six agencies to the information in the state’s accounting system, the Massachusetts Management Accounting and Reporting System (MMARS). To this end, we reviewed DOR’s GeniSys accounting and reporting system and determined that GeniSys transactions were accurately reported in MMARS (see Exhibits II and VI).
• We obtained the most recent Massachusetts wage and salary data paid to the citizens of the Commonwealth for calendar year 2021 from the United States Department of Commerce’s Bureau of Economic Analysis and recalculated the allowable state tax growth factor. We used the recalculated growth factor to determine the allowable net state tax revenue for fiscal year 2022 (see Exhibits IV and V). We then compared the net state tax revenue to the allowable state tax revenue for fiscal year 2022 (see Exhibit I).

To achieve our audit objectives, we reviewed and reconciled all recorded Chapter 62F state tax revenues in MMARS to DOR’s revenue recorded in GeniSys, the revenue recorded by the other six state agencies, and CTR’s tax revenue records. The financial data obtained from MMARS and used for the analysis constitute the official accounting records of the Commonwealth, are widely accepted as accurate, and form the basis for the Commonwealth’s audited annual financial statements. In addition, in 2022, the Office of the State Auditor performed a data reliability assessment of MMARS that focused on testing selected system controls (access controls, application controls, configuration management, contingency planning, and segregation of duties) for the period December 1, 2020 through November 30, 2021. As part of our current audit, we compared and reconciled revenues recorded in GeniSys for 2 of the 12 months of the audit period (December 2021 and March 2022) to CTR’s recorded Chapter 62F state tax revenues to confirm their accuracy. We also selected 3 months of bank reconciliations (December 2021, March 2022, and June 2022) performed by DOR during the audit period and verified that the deposits DOR recorded in its financial records reconciled with the information in its bank statements as well as with the deposit information maintained by the Office of the State Treasurer and Receiver General.

For GeniSys, we reviewed general information technology controls, including process approvals for system change orders, accessibility of programs and data, system data changes, and system change management policies and procedures. We also reviewed policies and procedures of DOR and the Executive Office of Technology Services and Security for access controls and security awareness training, and we reviewed DOR’s supporting documentation for unsuccessful login attempts, session locks, auditable events, audit monitoring, analysis, and reporting.

Additionally, for the current audit period, we performed variance analyses on the Chapter 62F revenues reported to determine whether significant changes were within reasonable ranges and whether all sources of Chapter 62F state tax revenues were reported.

Based on the above procedures, we concluded that the data obtained from MMARS and GeniSys were sufficiently reliable for the purposes of our audit.