Latest updates for federal grants management
INSIGHT ARTICLE |
Each August, RSM presents a webcast on the topic of federal grants management with a focus on the rules and regulations that have changed or soon will be changing that nonprofit organizations will need to comply with if they administer federal funding. The August 2019 presentation did not lack in content, as many topics were discussed that involved changes to federal regulations and related compliance areas.
Increase in procurement thresholds
The purchase of goods and services by nonprofit organizations using federal awards is governed by the procurement regulations of 2 CFR 200 (Uniform Guidance or UG). UG defines the five types of procurement actions that each type of purchase could fall under and the rules that must be followed in terms of bidding or obtaining quotations respective to each type. In June 2018, the Office of Management and Budget (OMB) issued memorandum M-18-18 that allowed for the increase in thresholds for some of these procurement types, as follows:
- Micro-purchase ceiling increased to $10,000 from $3,500
- Simplified acquisition threshold (SAT) increased to $250,000 from $150,000
- “Small” purchases range between the micro-purchase level and the SAT
The thresholds are maximum amounts that nonprofit organizations can select for these various purchase bands, but smaller levels may be set. As such, organizations must formally establish their levels in a procurement policy, which they should consistently follow. To take advantage of the new levels on a prospective basis, organizations must amend their policy. Until the policy is amended, the organization will be subject to existing policy and thresholds for its administration of federal awards.
Data collection form (2019)
For organizations subject to a UG audit under Subpart F of 2 CFR 200, the process concludes with the preparation of a data collection form and submission of reports to the Federal Audit Clearinghouse. Starting with audit periods ending in 2019, the data collection form (SF-SAC) form and process have been updated. Major changes include:
- Edit checking of the auditee employer identification number (EIN) will need to be done.
- Notes to the schedule of expenditure of federal awards will need to be entered.
- Full findings (if any) will need to be entered.
- Auditee correction action plans (if applicable) will need to be entered.
Other new features will include the ability of the data collection form system to generate a report-ready schedule of expenditures of federal awards and related notes for inclusion into the formal single audit reporting package. These features are only optional, but could create efficiencies and reporting consistency when the organization reports many federal awards.
GREAT Act of 2019
An initiative to modernize grant programmatic reporting is making its way through Congress. The Grant Reporting Efficiency and Agreements Transparency Act of 2019 (GREAT Act) has already passed in the House of Representatives (H.R. 150) and is being deliberated in the Senate (S. 1829) at the present time. If it passes in the Senate, the two versions would be reconciled in Committee.
The act is designed to bring to programmatic grant reporting what the DATA Act brought for grant financial reporting. It calls for data standards to be developed to capture relevant grant data so comparisons and analysis can be made across the spectrum of federal grants. If the act eventually passes, time will tell what effect it will have on grant recipients in terms of information collection and reporting.
2019 OMB Compliance Supplement
In early July, the Office of Management and Budget (OMB) issued its annual compliance supplement to be used by both auditors and award recipients managing federal awards for years ending June 30, 2019. The compliance supplement is an appendix of UG (Appendix XI) and is fully authoritative.
The 2019 version is back to a full version (the 2018 version contained only updates and was to be used in conjunction with the 2017 version) and contains some major changes for auditors who will approach compliance testing in a UG audit as well as greatly enhancing its guidance for internal control over compliance.
“Pick 6” Initiative
OMB has overhauled the compliance matrix in Part 2 of the supplement and mandated that federal agencies limit applicable compliance requirements to no more than six requirements (seven for the Research and Development Cluster).
The requirements of activities allowed or unallowed, and allowability of costs or cost principles is being viewed as a single requirement, not two (they have historically been approached by auditors as a single requirement due to the similar compliance concept between them). The limitation of requirements under this initiative may cause certain historically material requirements of certain program to not be tested.
The limitation of six applicable requirements only applies if the federal program (by CFDA number) is listed in Part 2 of the supplement. If an auditor selects a major program for testing that is not included in the supplement, there is no limit to the number of requirements (of the 12) that may be determined to be direct and material to the program.
The matrix in Part 2 then feeds into more specific requirements listed as applicable in Parts 4 and 5. However, after issuance, certain inconsistencies were noted between these sections. For instance, some programs had different requirements noted as applicable between the matrix (Part 2) and the detailed program requirements found in Parts 4 and 5. OMB is contemplating an update soon to correct for these issues.
Internal controls over compliance
Part 6 of the compliance supplement has been updated to provide practical guidance and illustrations for how an award recipient should approach internal control design in its management of federal awards. The guidance follows the best practices of the Green Book issued by the Government Accountability Office (GAO) and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) model of internal control.
Both the Green Book and COSO utilize a framework that is based on five elements of internal control (control environment, risk assessment, control activities, information and communication, and monitoring activities) as well as the 17 principles of control that align to the five elements. Part 6 contains two appendices that cover entity-wide controls and control activities specific to each compliance requirement that can be used as a model/tool for approaching controls as required by UG.
Award recipients can expect more scrutiny of internal control design and operation as a result of these enhancements from both their cognizant agencies as well as their external auditors.
2018 revision to Government Auditing Standards
The GAO released its latest revision to Government Auditing Standards (GAS) in July 2018. Auditors who perform financial audits under these standards will use the new revision effective for June 30, 2020, and later audits. For nonprofit organizations, GAS will most often be used in connection with single audits under UG, but they may also apply in other situations as well.
While GAS is utilized by the auditors on applicable engagements, there are implications for the entities that are being audited. GAS contains independence standards that auditors most closely follow to avoid a situation where they would not be independent to conduct the audit. The 2018 revision of GAS raises the bar on organizations that rely on their auditors to perform certain accounting and reporting related services and to prepare the financial statements (including notes) from source data.
Certain services are now deemed to create significant threats to auditor independence. If these threats cannot be mitigated to an acceptable level, the auditor would not be able to perform both the nonaudit services and the GAS audit.
In order for the auditor to perform these nonaudit services, a multistep evaluation process must be followed and hopefully at the conclusion of the evaluation, the auditor concludes that the threat has been mitigated. The first evaluation step is to see if management has the proper skill, knowledge and experience (SKE) to oversee the nonaudit work to be performed by the auditor.
If no one within management has the SKE, the process stops and the auditor would not be able to perform the nonaudit services and management would have to find resources elsewhere to perform the reconciliations or financial statement preparation services.
If the auditor concludes that management has the SKE, the auditor must then determine if they can identify and apply adequate safeguards to mitigate risk to an acceptable level.
The evaluation of SKE and safeguards will be much more robust under the 2018 revision to GAS, and discussions should take place now between organizations and their auditors to make sure there will be no surprises come next year.
Common compliance findings
Organizations administering federal awards should be constantly performing risk assessments to make sure material risks are mitigated by established controls. Below is our 2019 list of common compliance findings:
- Sufficiency of internal controls over applicable compliance areas
- Identification of federal awards and SEFA presentation
- Subrecipient monitoring
- Indirect cost rates
- Allowability of costs
- Salary tracking and reporting
Award recipients should fully understand the applicable regulations of UG. They may also want to utilize the latest compliance supplement to reinforce their understanding of the rules and regulations as well. As noted earlier, Part 6 of the Supplement may also aid in the development of appropriate internal controls over compliance.
Listen to the webcast for more details on these grants management topics and other topics covered.