Statutes, codes, and regulations
Colorado Administrative Code
Department 200 - Department of RevenueDivision 212 - Marijuana Enforcement DivisionRule 1 CCR 212-3 - COLORADO MARIJUANA RULES
Part 3 - Regulated Marijuana Business Operations
Section 1 CCR 212-3-3-915 - Independent Audit May Be Required

1 Colo. Code Regs. § 212-3-3-915

Download
PDF
Current through Register Vol. 47, No. 7, April 10, 2024
Section 1 CCR 212-3-3-915 - Independent Audit May Be Required
A.State Licensing Authority May Require Independent Audit.
1. When the State Licensing Authority deems it necessary, it may require a Regulated Marijuana Business to undergo an audit by an independent accountant. The scope of the audit may include, but need not be limited, to financial transactions and inventory control measures.
2. In such instances, the Division may attempt to mutually agree upon the selection of the independent accountant with a Regulated Marijuana Business. However, the Division always retains the right to select the independent accountant regardless of whether mutual agreement can be reached. The independent accountant shall be a certified public accountant licensed by, and in good standing with, the Colorado State Board of Accountancy.
3. The Regulated Marijuana Business will be responsible for all direct costs associated with the independent audit.
B.When Independent Audit Is Necessary. The State Licensing Authority has discretion to determine when an audit by an independent accountant is necessary. The following is a non-exhaustive list of examples that may justify an independent audit:
1. A Regulated Marijuana Business does not provide requested records to the Division;
2. The Division has reason to believe that the Regulated Marijuana Business does not properly maintain its business records;
3. A Regulated Marijuana Business has a prior violation related to recordkeeping or inventory control;
4. A Regulated Marijuana Business has a prior violation related to diversion.
5. As determined by the Division, the scope of an audit conducted by the Division would be so extensive as to jeopardize the regular duties and responsibilities of the Division's audit or enforcement staff.
C.Compliance Required. A Regulated Marijuana Business must pay for and timely cooperate with the State Licensing Authority's requirement that it undergo an audit in accordance with this Rule.
D.Violation Affecting Public Safety. Failure to comply with this Rule may constitute a license violation affecting public safety.

Basis and Purpose - 3-920

The statutory authority for this rule includes but is not limited to sections 44-10-201(4), 44-10-204(1)(a), 44-10-202(1)(c), 44-10-202(1)(a), 44-10-204(1)(a), 44-10-203(1)(k), 44-10-313(12), and 44-10-701(2)(a), C.R.S. The State Licensing Authority must be able to immediately access information regarding a Regulated Marijuana Business's managing individual. Accordingly, this rule reiterates the statutory mandate that Licensees provide any management change to the Division within seven days of any change, and also clarifies that a Licensee must save a copy of any management change report to the Division, and clarifies that failure to follow this rule can result in discipline.

The State Licensing Authority finds it essential to the stringent and comprehensive enforcement of the Marijuana Code to regulate, monitor, and track all Regulated Marijuana in order to prevent diversion and to ensure that all Regulated Marijuana grown, processed, sold, and disposed of in the Regulated Marijuana market is accounted for transparently in accordance with the Marijuana Code.

Requiring Licensees to report instances when the Regulated Marijuana they cultivate, manufacture, distribute, sell, test, or dispose of is stolen, unlawfully Transferred, or otherwise diverted from the regulated market, or when Licensees discover plans to divert the Regulated Marijuana, emphasizes that Licensees are accountable for their Regulated Marijuana at all times and contributes to the transparency of the regulated market.

In addition to maintaining transparency in the regulated marijuana industry, the State Licensing Authority also must ensure the confidentiality of certain Licensee information and records, including information in the Inventory Tracking System. Requiring Licensees to report instances where the Inventory Tracking System was compromised or planned to be compromised through unlawful access, use for unlawful purposes, the deliberate alteration or deletion of data, or deliberately entering false data, contributes to ensuring the accuracy and transparency of the system and therefore the regulated market, and aids in maintaining the confidentiality of Licensee data.

This Rule 3-920 was previously Rules M and R 904, 1 CCR 212-1 and 1 CCR 212-2.

1 CCR 212-3-3-915

42 CR 23, December 10, 2019, effective 1/1/2020
43 CR 21, November 10, 2020, effective 1/1/2021
44 CR 07, April 10, 2021, effective 5/1/2021
44 CR 13, July 10, 2021, effective 8/1/2021
44 CR 23, December 10, 2021, effective 1/1/2022
45 CR 21, November 10, 2022, effective 12/1/2022