(a) Recipients and subrecipients of WIOA title I and Wagner-Peyser Act funds must have an internal control structure and written policies in place that provide safeguards to protect personally identifiable information, records, contracts, grant funds, equipment, sensitive information, tangible items, and other information that is readily or easily exchanged in the open market, or that the Department or the recipient or subrecipient considers to be sensitive, consistent with applicable Federal, State and local privacy and confidentiality laws. Internal controls also must include reasonable assurance that the entity is:
(1) Managing the award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award;
(2) Complying with Federal statutes, regulations, and the terms and conditions of the Federal awards;
(3) Evaluating and monitoring the recipient's and subrecipient's compliance with WIOA, regulations and the terms and conditions of Federal awards; and
(4) Taking prompt action when instances of noncompliance are identified.
(b) Internal controls should be in compliance with the guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States and the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). See 2 CFR 200.303.