Health Care Provider Relief Funds Impose New Audit Requirements: Private Sector Companies Have Historically Been Exempt

Some health care providers that received Provider Relief Fund (PRF) dollars to reimburse for health care-related expenses or lost revenues attributable to COVID-19 will find themselves in unfamiliar territory when it comes to federal audit requirements. Historically, under most circumstances, only non-federal government agencies and not-for-profit organizations have been subject to audit requirements under the Single Audit Act. Not anymore.

Health and Human Services (HHS) provided a definitive answer that for-profit entities that expend $750,000 or more of PRF during the entity’s fiscal year will be subject to an audit as described in Section 75.216 of HHS’s adoption of the Uniform Guidance. The section discusses two options for audits of commercial organizations:

1. a financial related audit of a particular award or multiple HHS awards in accordance with Government Auditing Standards; or
2. a full single audit that meets the requirements contained in subpart F of the Uniform Guidance.

Best practices for performing these for-profit engagements are being discussed. Watch for more information in the coming weeks.

In the meantime, here are some things to know and audit tips to keep in mind for health care providers that may find themselves in the predicament of needing an audit of federal funds for the first time.

How do I know if my entity needs an audit due to my Provider Relief Fund expenditures?

As stated above, for-profit entities that expend $750,000 or more of their Provider Relief Funds during the entity’s fiscal year will be subject to an audit. That means if your entity runs on a calendar fiscal year ending December 31^st, and you expended more than $750,000 of the Provider Relief Funds during fiscal year ending December 31, 2020, you will be subject to audit requirements. In some instances your entity may already be receiving federal grant funds from other sources in addition to the Provider Relief Funds from HHS. In order to determine whether the $750,000 threshold is met (thus requiring a Single Audit), an entity must count all the amount of federal funds expended, either directly from federal agencies like HHS, and also funds received from pass-through entities (subrecipients), such as state or local agencies (Texas Health and Human Services Commission, Texas Department of State Health Services, cities, counties, etc).

NOTE: Payments for adjudicated patient claims under Medicaid and Medicare are not included in funds expended toward reaching the $750,000 threshold.

What should I be doing now to prepare for my audit?

When it comes to your federal program expenditures, stick to the fundamentals of the purpose of the funding and document, document, document. Remember, PRF dollars are intended to be used for preventing, preparing for and responding to the coronavirus and may only be used to reimburse for health care related expenses or lost revenues attributable to COVID-19.

• Follow accounting policies and procedures and retain records for COVID-19 expenses.
  • Stick to your policies and procedures as best as possible and document any changes as a result of COVID-19. Manual processes are most likely to be affected. Communicate procedural changes to staff.
  • Retain records for COVID expenses as if any of these expenses could be subject to audit, because they could. Good record keeping will reduce the possibility for claw-back of funds.
• Maintain internal controls over compliance.
  • Document any changes in internal controls caused by COVID-19 funding. Know what your review and approval process is, who is responsible, and how it is documented
  • Focus on internal controls in these key areas: payroll, non-payroll, and procurement. Payroll should include time and effort reporting requirements for all staff being paid with COVID-19 funding. For non-payroll expenditures purchase orders should reference COVID and be adequately supported by third party invoices or the like. For procurement ensure federal procurement requirements are being followed. Noncompetitive procurements should be well documented.
• Understand the grant and types of applicable compliance requirements (allowable costs/activities, procurement, reporting requirements, etc.).
  • Assign a Program Director to oversee the expenditures of the federal funds. Program Directors need to obtain an understanding of the grant(s) and the compliance requirements to ensure the entity is able to comply. Don’t let compliance be an after-thought.
  • With an influx of new money be sure to obtain the necessary documentation from your granting agency: CFDA #, award amount, period of availability, allowable and unallowable costs, reporting requirements, etc. Also, keep an eye on your expenditures of federal awards. Keep in mind the $750,000 threshold for triggering an audit.

Single Audit Background

 Single audits have a significant public interest component as they are relied on  by federal agencies, such as HHS, as part of  their administrative  responsibilities for determining compliance with the requirements of federal  awards by non-federal  entities.

The Single Audit Act Amendments of 1996 (Single Audit Act) were enacted to streamline and improve the effectiveness of audits of federal awards expended by states, local governments, and not-for-profit entities (referred to as non-federal entities), as well as to reduce audit burden. The Single Audit Act requires these audits, referred to as “single audits” to be conducted by an independent auditor. The Act refers to a “single audit” because it consolidates multiple individual audits of non-federal entities required for each federal award into a single audit. The stated purpose of the law is to promote sound financial management of government funds by non-federal organizations, promote uniform guidelines for audits, and reduce burdens on government and not-for-profits by promoting “efficient and effective use of audit resources.” The Office of Management and Budget (OMB) explains it this way: “A single audit is intended to provide a cost-effective audit for non-Federal entities in that one audit is conducted in lieu of multiple audits of individual programs.” Single audits have a significant public interest component as they are relied on by federal agencies, such as HHS, as part of their administrative responsibilities for determining compliance with the requirements of federal awards by non-federal entities.

 A regulation referred to as the Uniform Guidance is the most recent OMB  regulation issued for this purpose.

The Single Audit Act gives the Director of the Office of Management and Budget (OMB) the authority to develop government-wide guidelines and policy on performing audits to comply with the Act. A regulation referred to as the Uniform Guidance is the most recent OMB regulation issued for this purpose. It includes uniform cost principles and audit requirements for federal awards to nonfederal entities and administrative requirements for all federal grants and cooperative agreements. Subpart F of the Uniform Guidance replaces Circular A-133 with the Single Audit compliance supplement contained in Appendix XI of the Uniform Guidance.

How is a Single Audit different from a regular independent audit or a program specific audit in accordance with Government Auditing Standards? What is its scope?

 Single Audits cover the entire organization’s financial operations, and are  substantially more detailed than a regular independent audit.

Single Audits cover the entire organization’s financial operations, and are substantially more detailed than a regular independent audit. A Single Audit requires higher levels of testing by the independent auditor to establish that:

• The financial statements are presented fairly and accurately; and in accordance with federal cost principles;
• The organization has an adequate internal control structure, and that;
• The organization is in compliance with any special government regulations/laws that apply to the specific federal funding stream.

 On the other hand, a program-specific audit starts with an audit of only the  program financial statements, in this case, the Provider Relief Fund program.

On the other hand, a program-specific audit starts with an audit of only the program financial statements, in this case, the Provider Relief Fund program. Generally, these statements consist of a single statement of revenues, expenditures and changes in fund balance of federal program activities administered by the recipient, including notes. In many cases, a program-specific audit guide will be available to provide specific guidance with respect to internal controls, compliance requirements, suggested audit procedures, and audit reporting requirements. 

In the case of a Single Audit, the 2020 Compliance Supplement has not yet been released. The OMB Compliance Supplement is a large and extensive U.S. federal government guide created by the Office of Management and Budget (OMB) and is used in auditing federal assistance and federal grant programs, as well as their respective recipients. It is considered to be the most important tool of an auditor for a Single Audit. The 2020 Compliance Supplement is expected to be issued in two parts this year. The first part is expected in August and will contain limited information on the new programs resulting from the COVID-19 funding. The second part will be an addendum likely issued in the later summer or early fall. The Provider Relief Funds have been assigned CFDA number 93.498 as will be listed in the 2020 Compliance Supplement.

At this time, it has not been decided if a full single audit or a program specific audit will be required for the for-profit providers that meet the threshold for an audit.

To learn more about possible Provider Relief Fund audit requirements or for assistance managing your HHS grants or other COVID-19 grant monies, contact a Weaver professional today. We’re here to help. Watch for more information on this in the coming weeks.

Authored by Rebecca Goldstein, CPA, partner in assurance services.

© 2020