As a result of COVID-19 related legislation, including the CARES Act and other relief bills, many organizations will need to undertake a Single Audit for the first time this year or next. A Single Audit, also known as a Uniform Guidance Audit, is a financial statement and federal awards audit aimed at ensuring the federal funding an organization received was used in the manner intended and is in compliance with the Uniform Guidance. Any entity that expends $750,000 or more in federal funds in its fiscal year is required to have a Single Audit.
Given that this process covers both the organization’s financial statements and the federal awards it has received, a Single Audit can be an extensive and complex procedure. Missing a deadline or being found non-compliant can have significant consequences—the government may withhold funds until the deficiency is remedied, suspend or terminate the award, initiate suspension or debarment proceedings or withhold additional awards. The government could even pursue other legal actions.
As you kick off your Single Audit, preparation is essential. Watch out for these common pitfalls.
1. Not understanding all funding requirements
To have a smooth Single Audit, the first and most critical step is ensuring your organization understands the funding requirements you are subject to.
Our Take: It may seem obvious, but many organizations find themselves unaware of the details and compliance related to the specific funding they received, particularly if this is the first time they’ve been awarded these funds.
While the Uniform Guidance offers standards for federal awards generally, reviewing these standards is not enough: Closely examine your individual award letters or grant agreements for specific deadlines, special terms, and other requirements and ensure that you clearly understand all the regulations that accompany your award. If anything remains unclear, consult a trusted advisor to confirm you’ve accurately interpreted all the details.
Additionally, the Office of Management and Budget releases an annual Compliance Supplement that can provide additional information on the audit requirements of your federal awards, including recommended audit procedures for specific grants.
2. Insufficient internal control design and execution
A key element of the auditors’ work in the Single Audit is to test both the design and the execution of all the internal controls an entity has in place for each major program. However, this is another area where you can proactively address issues in advance of kicking off a Single Audit.
Our Take: Prior to beginning the Single Audit process, conduct a gap assessment that compares your internal controls to the requirements dictated by each major grant or funding source. This assessment should examine not only the design of your internal controls (i.e., are our internal controls structured in a way that adheres to these grant requirements?) but also the execution of those controls (i.e., do our internal controls function in the way we intended?). Many entities find that while the internal control design is compliant, in practice, they aren’t operating as stated.
Completing this assessment in advance of an auditor’s review doesn’t just help identify problems—it can also assist with addressing them before the Single Audit, if possible. If issues are more substantive, proactively uncovering them allows you to be transparent and forthcoming with the auditor and work with them to add supplemental information that may assist in explaining the reasons you fell short.
Regardless, it’s always better to conduct this assessment in advance to avoid any surprises in the Single Audit findings.
The importance of adequate documentation in any audit proceeding is no secret, and it’s magnified in the context of the Single Audit.
Our Take: Ahead of the Single Audit, ensure you have detailed documentation, policies, and procedures related to the federal awards you received—but it doesn’t stop there. Confirm you have captured all supporting documentation for all payments, procurements, contracts, and grants, as well as travel and any other commitments that your organization has.
Ultimately, the auditor executing your Single Audit can only tell your story using the materials and documentation available, so the onus is on your organization to create and maintain this documentation of everything ranging from procurement to salaries. All costs need to be reasonable, allowable, and allocable, as defined by the Uniform Guidance.
Additionally, in many instances, the Uniform Guidance allows an organization to follow its own organizational policies for certain items. Sometimes those policies may be more restrictive than the Uniform Guidance. If that is the case, keep in mind that the auditors will audit your organization against these more restrictive policies. You’ll also need to ensure you have updated and accurate financial statements, receipts, your Catalog of Federal Domestic Assistance (CFDA) number, and a grantor number (if needed).
Having all your relevant documents organized and accessible will help set your Single Audit up for success and make the process as streamlined as possible.
4. Inadequate subrecipient monitoring
Many entities that receive federal awards pass a portion of the funds through to other entities for use, creating a “subrecipient” relationship. This includes state or local governments that pass funding down to nonprofit organizations to execute certain programs. Doing so means the entity that received the award is now considered a “passthrough entity.”
Our Take: All award rules and regulations ‘flow down’ and apply to both passthrough entities and their subrecipients. However, payments to contractors, including fees for service, are not considered to be federal awards and thus are not subject to the Single Audit. Sometimes, the entity receiving the funding may be unsure if the organization they pass it to is considered a subrecipient or a subcontractor. To make this determination, consider the following definitions:
- Subrecipient: an entity that receives a portion of an award to carry out part of a federal program.
- Contractor: an entity that is contracted by another entity that purchases goods or services needed to carry out a program or project. This is often a procurement relationship where the goods and services are offered in a competitive environment and are also ancillary to the federal program.
When a subrecipient relationship is established, the passthrough entity is required to conduct an assessment that determines the monitoring procedures they will use to confirm the subrecipient is following the requirements associated with their subaward and to evaluate a subrecipient’s potential risk for noncompliance. While monitoring can be especially challenging in a remote work environment, it is a requirement and is an essential obligation of the entity that received the government funding.
Passthrough entities should ensure that they are adequately monitoring the subrecipients’ activities to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward, and that subaward performance goals are achieved. They should also provide the subrecipient with all the training and information needed to encourage compliance.
Subrecipient monitoring can be a hefty compliance obligation for organizations, particularly if they have multiple subrecipients to examine. If you are a passthrough entity, establishing detailed subrecipient monitoring procedures is a best practice to help avoid any surprise findings in the Single Audit. If your organization operates as a subrecipient, make sure you understand all the rules and regulations that flow down with your subaward and are having transparent conversations with the passthrough entity—this is essential to ensure you’re in compliance.
5. Cost Allocation issues
Having a clear understanding of which costs are considered direct costs (costs that can be identified specifically with a particular federal award or externally funded activity, or that can be directly assigned to these activities relatively easily) versus indirect costs (costs incurred for a common or joint purpose and cannot be readily assigned without significant effort) has long been a headache for recipients of federal funding, particularly nonprofits. Costs incurred for the same purpose in like circumstances must be treated consistently as either direct or indirect costs.
Working with inexperienced auditors
Single Audits are a complex undertaking and cannot be performed internally within the organization. Typically, Single Audits must be performed by independent auditors, usually certified public accountants (CPAs).