Skip to content

It Figures Podcast: S4:E8 – The Who, What, Where, and Why of a Single Audit

On this week’s episode, CRI Partners Tina Stewart and Gwen Mansfield-Vogt get into the weeds of a single audit, why they matter, and what you can do as an organization to prepare for a successful report.

Speaker 1:

From Carr, Riggs, & Ingram, this is, It Figures, the CRI podcast, an accounting, advisory, and industry focused podcast for business and organization leaders, entrepreneurs, and anyone who is looking to go beyond the status quo.

Tina Stewart:

Hey, everybody, this is Tina Stewart and welcome to the it Figures podcast. For today, we will be sitting with Gwen Mansfield-Vogt, who is our resident expert in single audits, and she’s an amazing partner out of New Mexico. I am kind of the head of the government and not-for-profit guru tech person, and we’ll sit here and kind of answer some questions when it comes to how to prepare for your single audit.

And I think to kick it off, Gwen can start by talking about how we really need to understand the funding we’re receiving and how to understand what we have and if we’re going to need a single audit from what we’re receiving. And with that, I’m going to hand it off to Gwen to kind of touch base on that.

Gwen Mansfield‑Vogt:

Thanks, Tina. Great to be here. Yeah, so whenever an entity is first getting into receiving and expending federal, or sometimes state, funds, there’s some preliminary work that really needs to be done upfront or as soon as possible. So as soon as you realize that you’ve been awarded a grant or anticipate receiving funding, the best thing to do first off is to read and understand any agreements that are provided to you or any other information that your grantor agency has given out.

In the last couple years with all of the COVID funding that’s come out and kind of trickled on down from the federal government to states and other governments, some of that may not be super formalized, it may be more in an email or, hey, your grantor agency may just send you a link to a website to review to understand how you can use this funding. But that’s definitely step number one, is just to understand the funding you’ve got and start to learn the rules that underlie that funding.

One thing that you may find useful is segregating grants into separate funds or accounts. That may not necessarily mean a separate bank account, but a separate account in your accounting system will really make the process of tracking and eventually auditing those funds much easier on you and your staff.

On an ongoing basis as you are receiving and spending these funds, it’s also a great idea to reconcile the revenues and expenses that are charged to this grant on some sort of periodic basis. It could be monthly. It could be quarterly. You probably don’t want to leave all of that to the end of the year, because you’ll be busy with everything else the year-end brings at that point.

Tina Stewart:

Hey, Gwen, so let me ask you a question. So I know a lot of times people miss some funding on their CFIS. What’s one of the biggest ways they can prevent missing that funding when they’re looking at their grants or speaking with maybe their state agencies that they think they’re getting state funding from?

Gwen Mansfield‑Vogt:

Right, that’s a great point. A lot of times you’ll receive funding from your state, but the source of that funding was actually the federal government. In that case, the funding is usually still counted as federal funding for purposes of your audit, which we’ll talk about in a little bit. But so a way to identify that type of funding, which refer to as Federal pass through funds, is that that grant agreement should specify the source of the funding.

You’ll be looking for key terms such as CFBA, which stands for the Catalog of Federal Domestic Assistance, or Assistance Listing Number, abbreviated to ALN. Those are both pretty bright line indicators that that is federal funding and not from a state source. Also, if you’re seeing CFRs or references to the Code of Federal Regulations, then that could be an indication that that is federal funding. Also, obviously, if you’re seeing something like the United States Department of Health and Human Services, again, that’s most likely federal funding.

If you have an agreement that has any of those terms, but you’re not sure, definitely go ahead and reach out to the grantor agency or to your accounting firm, because they may have experience with that specific grant as well.

Another term to look for in grant agreements is the Uniform Guidance or 2 CFR 200. That is the regulations that overall cover both the spending, receiving, and audit of those federal funds. Within the Uniform Guidance, it has rules that cover procurement, basically how you choose which vendors to use for those funds, allowable costs, there’s many, many categories of allowable versus unallowable costs inside the Uniform Guidance, covers everything from payroll to travel to indirect costs that you can charge.

You also need to be aware of what is referred to as suspension and debarment. When you’re awarding contracts to vendors out of your federal funding, you’re required to perform some procedures to check that these vendors have not been suspended or debarred from federal funding. And what that consists of is literally just going to the website www.sam, that’s S-A-M, .gov, and looking up that vendor. If they don’t show up or if they show up and say no active exclusions, then you’re good to go. If there are exclusions, then you cannot award a contract to that vendor or individual. So that’s just something that we see a lot of times that goes wrong in the audit process, is where grantees may not be aware of that requirement or how to actually do it.

Another thing to look at in the Uniform Guidance is there is a list of required clauses for contracts with federal funds. These cover a lot of those kind of boilerplate type laws that apply to all federal contracting, so it’s a good idea to understand those as well if you’re doing any contracting of federal funds.

There are also other types of regulations that apply in many cases to federal funding. A good example of those is what’s referred to as the Davis-Bacon Act, or the wage rate requirements. For any construction that is over $2,000, so that’s a very, very small threshold for construction, and is paid for with federal funding, the contractor needs to comply with the Davis-Bacon regulations. Those basically set minimum wage rates for types of employees that will be performing the construction services. So just keep in mind, if you have any federally financed construction, your contractors will need to comply with Davis-Bacon and they will need to provide you with certified payrolls, which is basically how they’re telling you that, “Yes, we have complied with this.”

Tina Stewart:

Hey, Gwen, on that, on Davis-Bacon, I know one of the things that we see throughout some of the audits we see is if there’s a sub-recipient and the requirement of the sub-recipient if the sub-recipient’s also doing construction, and how that kind of lingers on to that it’s flowing through. If that makes sense.

Gwen Mansfield‑Vogt:

Yes, that does. When you’re awarding funds to a sub-recipient, those funds keep their federal character, so all of these federal requirements will still apply at that sub-recipient level. So if your sub-recipient of these funds is performing construction, they will also have to ensure that their contractors comply with Davis-Bacon. Pretty much every contractor that’s bonded and certified and all of that to do construction at a large scale will be very familiar with Davis-Bacon requirements. It is not something that’s unique or uncommon for them to have to deal with.

One other thing that I want to mention is what’s referred to as a supplement not supplant requirement. This requirement basically means that you cannot use federal funds to provide services that you were previously performing with state or local funds, or your own funds. Basically saying that these federal funds have to supplement the services that you’re providing rather than supplanting other funds and providing those services. The federal funding needs to be for extra stuff. Sometimes this will explicitly not apply, if, say, you’re receiving an operating subsidy for a program that you’re already doing, but a lot of times the federal funds are designed for an additional program or an expansion of a program.

And finally, indirect costs, and I mentioned this a couple minutes ago. In addition to charging actual indirect costs, which could be salaries of administrators, office space expenses, that sort of thing, the federal government has made it much easier in the last couple of years for grantees to be able to charge a flat 10% de minimis indirect cost rate. If your grant allows for it, and this is something that you may need to check with your pass through agency or grantor agency, charging that 10% de minimis cost rate for indirect cost to the grant does not require any sort of supporting documentation other than using the correct costs to calculate that 10% on. And the costs that you use there are basically the direct costs for operating the program, the other stuff that’s charged to the grant, then you take 10% of that and you can claim that as indirect costs, which helps to support all of the administrative activities that help to support the operations of the federal program.

Tina Stewart:

So that’s a lot that they already have to keep up with that the feds expect, but then they also expect these companies or agencies or not-for-profits, whatever kind of entity, to also have internal controls, and there’s a requirement for there to be internal controls and for the auditors to test those internal controls when they’re coming in there. So maybe we could touch on some of the requirements that go around for internal controls. Although you know that’s my favorite topic.

Gwen Mansfield‑Vogt:

I do, it’s my least favorite topic, so that’s why we work together so well.

Tina Stewart:

We balance very well.

Gwen Mansfield‑Vogt:

Yeah. So yeah, as you said, all non-federal entities that spend federal funds are required to establish and maintain effective internal controls over those funds. Now, obviously that is requirements over how the funds are spent, making sure that that PO is reviewed before it’s charged to the grant. That’s a control over those costs. But there’s also controls that have to be in place for many other requirements of these funds.

Kind of underlying all of these controls will be keeping good records. As I mentioned before, periodic reconciliation of funds coming in and out is a wonderful control, not only for your federal funds, but for everything you do. And the federal funds and other grants, of course, you need controls that the funds are being spent in accordance with the regulations, that when you are requesting reimbursements or drawdowns of funds, again, that those are reviewed and are correct before you send them in.

And there will also typically be multiple reports required for every grant. Those reports, it’s extremely important that those be accurate and timely, and having a good set of controls over those reports, and the information that goes into those reports, is wise.

One good resource that you can sit down with and kind of devise controls or compare the control system that you have already in place to what is needed, is part of the OMB Compliance Supplement. This is a document that’s released every year, typically in early to late summer, anywhere from May to September, that kind of tells auditors how to audit federal funds every year.

This is, however, a good thing for auditees to be aware of too. For one thing, it’s kind of a cheat sheet for what the auditors are going to look at for your funds. You can know where they’re going to be focusing their efforts. But also Part 6 of the Compliance Supplement is designed to help auditees establish and maintain those internal controls that they need. This is available for free online, you can pull it down either from the White House website, because this is from OMB, or the Office of Management and Budget, or through the Government Audit Quality Center, the GAQC.

But either way you get to it, Part 6 of the Compliance Supplement does have a few pages of background information on what controls should be, what they’re designed to do, and then it has examples of controls, both at the entity wide level, which is kind of how your organization runs and the internal controls over the organization as a whole, and the control activities, which is the day-to-day operational type stuff that is the internal controls that the auditors typically test in an audit. So that Part 6 of the Compliance Supplement will be very, very useful.

Tina Stewart:

You know that’s one of my favorite parts, Gwen, and I just like to stress, while she’s talking about that, is when you’re looking at these suggested controls, is to really identify which controls will prevent or detect something from happening. So I always like to compare it to your home and keeping safety in your home. If you have your door locked, it’s going to prevent somebody from coming in, but if somebody kicks down that door, what’s going to detect it? And so that detection is like an alarm system going off. So think of it that way. So when you look at all these suggested controls, just making sure that you’re identifying ones that can both prevent and detect a failure from occurring, because you’d hate to have an issue or a fraud occur because we didn’t have something that could prevent it as well as detect it.

Gwen Mansfield‑Vogt:

That’s very true. And having both types of controls is definitely a baseline for a good, strong control system. Now, as you’re looking at these new controls that you need to put into place, you may find that you have personnel needs. Now, it’s obviously very hard in the current climate to find people to hire or to make room in budgets to hire additional people. It may be easier to reassign tasks off of people or combine their tasks in such a way that you have somebody that is charged with performing these controls and also monitoring those controls.

One thing to keep in mind is that the board of directors, the city council, the county commission, those types of entities who we refer to as those charged with governance, that can cover for a lack of personnel in some cases. A lot of times in smaller entities, we see where checks over a certain dollar amount have to get a signature by the director of the board. It could also be that all transactions to be charged to a grant are approved by the board of directors at a monthly meeting. You need to make sure that they have the information and the resources to properly review and approve those expenses, but if they take that on, that can help cover if your employees and personnel are stretched a little thin in doing all of these tasks. So just keep in mind that they can be a resource there as well.

Tina Stewart:

One of the things, Gwen, that I think’s a great reminder too, is that it’s great to have all these controls, but it has to go on throughout the year. So it can’t be one of those things that you’re waiting until the month that you’re scheduling your audit to realize, oh wow, we don’t have internal controls, let’s put some in place. One of the requirements of the grant is that you have it in for the whole fiscal year that you’re performing or utilizing this grant award. So I just wanted to remind people that, to make sure that they’re not waiting until the audit’s coming, but rather planning for it when they’re even trying to get their grant applied for it. Because you have to have internal controls in order to have this grant awarded.

Gwen Mansfield‑Vogt:

That’s very true. And your internal controls are going to be a lot more effective and work better if they’re happening at the same time that the grant’s actually being spent. If you’re trying to do it all at the end, if you have problems they’re going to be a lot harder to fix. And kind of in-

Tina Stewart:

What if something goes wrong, Gwen? What if they find something in their internal controls and realize, hey, they have this internal control going, and they realize, “Oh wow, Peggy Sue has been stealing these grant funds for years now”?

Gwen Mansfield‑Vogt:

Poor Peggy. My middle name’s Margaret. I feel a little bit offended right now.

Tina Stewart:

Well it’s Peggy Sue, not Margaret Sue.

Gwen Mansfield‑Vogt:

Well, yes, unfortunately, it is common for stuff to go wrong. Everybody involved in these processes is human, and humans make mistakes. So if we do have something go wrong, then that is typically an indication that a preventive control either wasn’t in place, or failed. However, if you have detective controls in place, they can catch errors before they snowball and become larger and larger errors. These could be things like unallowable expenses that were charged to a grant, inaccurate reporting. Maybe a report was filed and the numbers were switched or transposed, or it was just wrong. It could be other issues, such as non-compliance with the Davis-Bacon Act. Could be non-compliance with earmarks or other requirements of the grant. Or it could even be a case where, yes, somebody is stealing these funds.

So when that is caught at the entity, even though something bad happened, it is definitely good that the entity catches it and that the pass through entity, the grantor, or the auditors don’t catch it. So when something like that is caught, you have a few options to try and resolve the issues.

I would say first of all, definitely communicate with a grantor. Say, “We found this. What course of action would you like us to take?” That maybe something like covering an unallowable cost with non-federal funds. Maybe you need to transfer some funds out of the general fund into the grant fund, and then you can re-spend that money on allowable costs. You might be able to revise an incorrect report and just send it in with a note. “This is a revision of the report filed, blah, blah, blah,” and then that’ll be fine. Or the grantor may have other instructions for you.

Tina Stewart:

I guess ultimately they also need to communicate with their grantor to find out which method to take in order to resolve the issue.

Gwen Mansfield‑Vogt:

Definitely. That’s going to be your first stop and really the best stop, this communication with the grantor there.

Tina Stewart:

Now we’ve talked about all the things we have to do in order to comply with the grant, the internal controls, we have to do, a lot of the things we’re going to see throughout there and the compliance requirements. But when the audit actually comes, how do we prepare for the audit? How does the grantee, the auditee, prepare for this audit?

Gwen Mansfield‑Vogt:

So first of all, understanding what causes you to be subject to a single audit. For federal purposes, if you have spent more than $750,000 in federal funding during your fiscal year, you will be subject to either a single audit or a program specific audit. There are also a few states that have single audit requirements at the same threshold, such as Texas, Florida, and North Carolina, and those of course would be expenditures of a state funding to be subject to those types of single audits.

Now, a program specific audit is a option in certain circumstances, those are allowable first only if you have spent funds under one federal program or cluster only. Even $1 spent under another grant makes you ineligible for a program specific audit.

There are also other types of engagements that are available to for-profit entities that spend certain types of funding, and also for small local governments that received the coronavirus state and local fiscal recovery funds, and a small amount of other federal funding. If you think that your entity may qualify under one of those other types of engagements, definitely speak with your auditors. Those alternative engagements often result in a lot less work for the auditors and for the entity.

Tina Stewart:

And just to say that less work also is less risk as well. It’s just a lower level of assurance having to be giving, so that means it’s a lower level of assurance that you have to worry about as a client as well.

Gwen Mansfield‑Vogt:

And a lower fee, let’s not forget that part either.

Tina Stewart:

That’s correct. That’s the most important part, right?

Gwen Mansfield‑Vogt:

Yeah. So that is to say it’s important to communicate early and often with your auditors once you’re aware that you’re spending federal funds. You might just want to check in and keep them abreast of the situation. Even if you’re not sure that you will hit that $750,000 threshold, there’s a chance that you do or that you need to prepare to hit it the next year.

Also, make sure that you retain all documentation, everything from your grant agreements, emails with your granting agency, supporting documentation for all costs charged to the grants, whether that’s invoices, time sheets, payroll registers, copies of reports filed, everything like that.

And when you are getting ready to actually be subject to a single audit for the first time, you do need to be prepared for some new types of procedures and questions that the auditors will have to ask as part of the single audit. There will be more internal control questionnaires and interviews. As we mentioned before, internal controls are a very important part of spending federal funding. They’re also a major focus of the single audit. You will need to be able to provide all grant agreements and a detail of all expenditures and receipts of those grant funds. Speaking from experience, we love those in Excel. That would be absolutely the best way, if we could just get a GL detail for the expenditures and the revenues for all of those grants.

You’ll also be asked to pull sample items, and that could be quite a lot. It just depends on what type of funding you’re spending and the types of activities. Now, if you are doing something like construction, you may be asked to provide several pay apps with all of the supporting documentation. But if you’re spending money for, say, operating expenses, you may be asked to submit 25, 40, or 60 vendor disbursements, paychecks, that sort of thing. Just be aware that this could be quite a time suck on your staff while the single audit is going on.

Tina Stewart:

Hey, I just want to also help with this issue, which is she’s saying 25, 40, or 60, that could just be for one grant. So if you have a bunch of grants that come through and you have more than one major program, each major program can require that. So I’d make sure that you have those ready to go, and your bigger ones and more risky ones are probably the ones that are going to get selected. But just have those in a filing system that it’s easy to pull for your auditors.

Gwen Mansfield‑Vogt:

Yes, definitely. We also see in some cases, we are just given access to a computer system. If that is an option, that may also work, although be prepared still to have your staff assist. And also things like reports that you filed, we will need to see those along, with the supporting documentation. And if reconciliations are a part of your control system, again, we need to see the supporting documentation used in that reconciliation process.

And finally, you may be asked a lot of questions, especially the first time or two around, or the first time with a new program, because not only do the auditors need to understand the program, they need to understand how your entity handles the program, because every single entity is different. So some of the questions that you get asked may seem pretty common sense or pretty repetitive. A lot of that is just making sure that we understand how everything works on your end, so we don’t come in with improper assumptions.

And finally, just keep in mind that the single audit, it may be much more in depth than your normal audit or accounting services that you get, and again, that’s because this is one of the biggest tools that the federal government has to monitor the funds that it’s giving out, especially as a result of the COVID-19 pandemic. A lot of money went out on a very quick timeline, and this is one of the main tools that they have to ensure that those funds were spent and are being spent properly.

Tina Stewart:

Well, Gwen, that’s a lot of information, but it seems like it gets somebody ready, especially if they’re just about to head off on getting some grant awards or going into their single audit.

Gwen Mansfield‑Vogt:

I sure hope so. It is a lot of information, but your auditor should be able to help with any questions that you have. We look at these all day long and a lot of the stuff that may seem foreign or unfamiliar to you, this is my language, this is the world that we live in, so definitely reach out with any questions.

Tina Stewart:

Thank you, Gwen. And thank you all for joining. It was a great time on It Figures podcast. Thank you.

Gwen Mansfield‑Vogt:

Thanks, Tina.

Speaker 1:

If you want more CRI insights or are interested in learning about our firm, please visit our website at cricpa.com. Thanks for listening to this episode of It Figures, the CRI podcast. You can subscribe to It Figures on iTunes, Spotify, or wherever you prefer to listen to your podcasts. If you liked what you heard today, please leave us a review.

Previous Episodes

Join Our Conversation

Subscribe to our e-communications to receive the latest accounting and advisory news and updates impacting you and your business.

This field is for validation purposes and should be left unchanged.