Financial statement service requirements for nonprofits extend beyond state, grantor, or agency-level requisitions. At the federal level, organizations are expected to comply with the IRS and various agencies, depending on their annual revenue or how much funding they may have received.
The area where federal financial statement compliance requirements come into play is with single audits.
Background on Federal Single Audits
Single audits were first established in the 1980s to help government entities better track and measure the performance and outcomes of federal aid programs. Nonprofit organizations weren’t included in the first iteration but were added in 1996. Since then, single audits have undergone changes, from increasing the audit threshold to reducing areas of compliance review.
Newer updates to single audits have focused more on performance than compliance, though the latter has always been the foundation for tracking federal aid. Between 2019 and 2022, compliance review areas have decreased from 12 to six to transition more to program management rather than strict compliance. Only Research and Development programs are permitted to have more compliance areas.
In addition, more agencies are adding the review requirement for performance reporting – an increase of six between 2021 and 2022. That means even if a single audit isn’t required for a specific program now, it could be in the future as more programs expand reporting requirements.
What Are Single Audits?
Single audits, also referred to as OMB Uniform Guidance audits, are above and beyond a standard audit; they are program-based and mandate that organizations keep certain types of records and submit detailed reports. Recipients of federal funds need to show that the money was used according to the funds’ purposes, so documentation for single audits is important. And these compliance requirements vary.
A federal single audit requirement may be triggered when the organization spends more than $750,000 annually from direct or indirect federal funds. Some federal programs may set the threshold for single audits at a lower amount than $750,000; it’s important to check for each grant.
Many organizations found themselves conducting single audits for the first time in 2021 or 2022 in the wake of record-breaking federal relief aid during the pandemic. And while there were deadline extensions then to perform and complete COVID-related single audits, that’s very rarely the case.
When it comes to funding, it’s always a good idea for organizations to ask where the money originates from. Sometimes, the answer is less obvious. Examples of funding that can result in a single audit requirement are grants, contracts, cooperative agreements, loans, direct appropriations, endowments, non-cash assistance, and more.
Look for these references as starting points:
- Federal Assistance Listing Number
- Uniform Guidance (UG) or OMB A-133, superseded reference, but often still used
- Code of Federal Regulations (CFR)
- Funding Opportunity Number, which is a number that a federal agency assigns to its grant announcements
Chances are, when a single audit is required, a separate financial statement audit may be required as well. That’s one of the reasons why single audit compliance can be missed; organizations may assume that because a financial statement audit is being performed, they’re cleared of major compliance requirements.
How to Tell If a Single Audit is Required
Single audits can be hard to spot, especially when the organization is unsure where the funding actually came from. Federal funds can sometimes be mistaken for state funds if there is an intermediary agency; therefore, organizations should always double check the original disbursements and ask the grantor if they’re unsure. Failure to satisfy single audit requirements can have disastrous consequences, up to and including fines and rescinding the award money.
Preemptive questions that an organization can ask to get an early sense of when a single audit might be required include asking where the funding came from, whether it originated with another agency first, and the role that the organization plays in terms of its compliance responsibilities.
What to Expect from a Single Audit Process
Both auditors and organizations have distinct responsibilities in a single audit. Organizations that received the funding are required to comply with all funding requirements and implement relevant performance measurement systems. They are also responsible for maintaining financial management oversight. This includes:
- Identifying funding separately
- Tracking complete and accurate financial results
- Monitoring payments, like cash draws and advances
- Implementing effective internal controls
- Maintaining written procedures
Organizations will likely have entity-wide internal controls and controls that are specific to the program requirements. Generally, the control environment is what sets the tone for the entire organization, while monitoring and control activities are more at the program level. Written procedures are required for all compliance areas.
Other responsibilities are to choose an experienced auditor, prepare the Schedule of Expenditures of Federal Awards (SEFA), and produce audited financial statements. If there are prior single audit findings, the organization must also prepare a summary schedule of prior audit findings and a corrective action plan, if applicable.
Audit procedures, goals, and specific compliance requirements will change depending on the program. A few examples of compliance requirements are:
- Allowable costs or activities
- Level of effort
- Cash management
- Program income
- Period of performance
From there, the auditor will begin testing the organization’s internal controls and processes. At the end of the day, the single audit proves that the organization has used the federal funds according to their purpose and has protected the program’s integrity against undue risk or loss.
Best Practices for Single Audit Compliance
The most important part of preparing for a single audit is knowing which funding requires it and what the specific program requirements are.
Although program requirements will vary, strong internal controls and reporting processes are central to meeting most of the general requirements of a single audit. It’s common for most of the prep work to fall on one person, like a CFO, Controller, or Business Manager. To the extent possible, offering targeted training to that individual can help them to better understand the nuances and requirements of a single audit. Training can also help them to know when to pull in outside help and how to use additional resources.
To prepare, start by identifying problem areas or potential areas for risk. Internal control improvement can and should happen year-round, and the sooner the organization self-corrects, the smoother the single audit process will be. If a single audit has been performed in the past, that can be a good place to start.
Federal financial statement compliance with single audits can be overwhelming and confusing, especially for first-time auditees. For questions about federal single audit requirements, contact Bo Garner, CPA, MBA, who leads the Not-for-Profit group at PBMares.