Designing and Administering Efficient, Audit-Ready Grant Programs
Never miss a thing.
Sign up to receive our insights newsletter.
Compliance From Day One
Compliance through the federal grants process can be complex. For example, the COVID-19 pandemic ushered in intricate new programs through the American Rescue Plan Act (ARPA). Even though clear guidelines were not always available up front, the consequences of noncompliance can still be significant and leave recipients that accepted funding “on the hook” for clawbacks if not administered effectively.
The best way to stay off that hook is to plan for compliance from Day One. Effective preparation can minimize audit findings and clawbacks later, which is especially important with programs like ARPA where the money is spent first and approved later.
Managing large, complex federal grants programs is both science and art. It is not about the simple application of rules and flowcharts — it is about working with teams on the ground to help them deliver the best services while complying with federal guidelines. Good grant management will not overburden your staff with paperwork and excessive red tape or inhibit their ability to provide the best services. The secret is designing and administering programs from the outset with compliance in mind.
Since 2020, about $150 billion has been distributed through ARPA and its Coronavirus Relief Fund. The greatest distributions went to state departments of education, followed by other state services, like transportation and health services. ARPA money has to be obligated by the end of 2024 and spent by the end of 2026, so state and local governments have ample time and opportunity to get compliance issues addressed.
Another example is the Infrastructure Investment and Jobs Act of 2021 (IIJA), which allocates $550 billion in funding for infrastructure, clean energy and resilience projects. These funds are currently being distributed and will provide opportunities for the next five years.
Federal Grant Program | Grant Funding (Available or Obligated) |
---|---|
Infrastructure Investment and Jobs Act | $550,000,000,000 (approx.) |
|
$257,600,000,000 |
|
$137,600,000,000 |
|
$121,000,000,000 |
Education Stabilization Fund | $277,169,032,298 |
Coronavirus State and Local Fiscal Recovery Funds | $242,881,074,490 |
Coronavirus Relief Fund | $149,864,165,929 |
Grant Program Design and Administration
Federal grant funds usually flow from a federal agency (the grantor) to a state or local agency, which in turn distributes it to regional or local organizations that spend the money to accomplish program goals. The state agency receiving and distributing funds is both a grantee, because it receives funds from the federal government, and a grantor, because it is giving funds through grant agreements to cities, school districts, local transportation districts or workforce programs (as just a few examples). Grantees sign a grant agreement that spells out the conditions and requirements they must meet and documentation they must collect. In addition, there may also be subrecipients, who are paid with grant funds but hired under contracts rather than grant agreements. For example, a school district grantee may contract with education specialists or purchase equipment; those vendors are called subrecipients.
Grant administration is the process of making sure all the links in this grant chain are strong: that everyone understands the requirements and has set up processes to make sure that requirements are met over the long term, even as people come and go. Grantees must also understand that each phase has different requirements, and appropriate internal controls must be in place, along with supporting documentation retained, to ensure continued compliance. Regardless of their role, everyone must comply with the same requirements at 2 CFR 200, commonly called Uniform Guidance. One benefit for organizations receiving federal grants is that many such grants include a percentage of funding that can be used to pay those administrative costs.
The key to an effective, compliant grant program is designing the program with the end in sight, by building robust processes with appropriate documentation from the beginning. Grantors and grantees need detailed, specific contracts or grant agreements. Grantees must perform internal and external stakeholder engagement and analyses to make sure they are addressing the most critical needs. They must then define appropriate metrics to track program success, create dashboards and develop open lines of communication to keep everyone working together toward common goals. If you are going to accept grant funds, you must be willing to make the investment in skilled administration and compliance so that you meet all requirements. A failure in administration can lead to having to pay back grant funds.
Grant Compliance and Monitoring
Once the grant program has been developed, grantees must maintain and monitor its performance. The most effective grant monitoring approach is risk-based and preventive, prioritizing efforts based on the grant program requirements and grantee/subrecipient factors (award amounts, experience with grants, control environments, etc.), then targeting efforts where they are most needed. This approach assesses financial and internal control compliance, ensuring funds are being spent as intended within the time allotted. It uses risk assessments, internal control evaluations and guidance to increase compliance and minimize the risks of clawbacks. And finally, this proactive approach finds — and fixes — noncompliance early on.
Each grant is unique, but implementing good grant design, administration and compliance will put you a step ahead. Know your compliance requirements by utilizing resources such as 2 CFR 200 – Uniform Guidance. Work closely with your grant administrator to understand documentation requirements and familiarize yourself with the details of your award contract, including contract amount, approved funding sources, terms and conditions, scope of work, program objectives and reporting requirements.
Refer to the Office of Management and Budget (OMB) Compliance Supplement, which identifies important compliance requirements for most major federal grants. For example, they specify rules for expenditures, cost allocations, HR and procurement. By following the Compliance Supplement’s guidance, you will further prepare yourself for single audits and potential compliance reviews from the Office of Inspector General. The Compliance Supplement is the same guidance auditors use to perform the single audit, which is required each year for grants over a certain size.
Knowing where your biggest risks are helps you avoid common pitfalls and audit issues by setting up appropriate grant processes and internal controls before you begin spending money. Common risks include:
- Misuse of grant funds
- Failing to achieve the grant objectives, including intent and documentation requirements
- Violating laws, regulations or grant conditions
You must also understand the potential consequences of noncompliance, which include (but are not limited to):
- Reputational damage from grant misuse
- Loss of future funding
- Loss of funder trust, which can result in reduced future opportunities
- Hardship for residents, stakeholders and/or clients when money meant for them is stolen or wasted
- Clawbacks
To prevent those consequences, it is important to design grant programs that have the right governance and internal controls in place. Appropriate controls will vary based on the grant requirements, whether subrecipients are involved, and your organization’s capabilities. Typical controls include appropriate oversight of allowable expenditures, segregation of duties, review and signoff of expenditures, ensuring adequate financial reporting, IT user access controls and so forth.
Make sure your organization’s grant administration processes, procedures and controls are reviewed annually as part of your monitoring and compliance program. If your organization is not accustomed to managing grant funds and does not already have a monitoring and compliance program or perform annual internal audits, it is best to seek help early to make sure the right controls, appropriate documentation, subrecipient agreements and other important protections are in place and operating effectively.
Subrecipient Monitoring and Communications
Grantees are responsible for ensuring their subrecipients comply with program and audit requirements and resolve audit findings, as established in their subrecipient agreements, but this relationship is more of a partnership. Developing strong subrecipient agreements helps ensure everyone understands and agrees on how the grant funds will be used, how expenditures and processes will be documented, and what internal controls and monitoring programs are in place to ensure proper compliance.
Monitoring involves proper project oversight to ensure grant funds are used as intended and in compliance with cost principles and grant terms and conditions. If you are the primary grantee, your organization must review subrecipients’ financial reports, performance and program reports, and you must monitor compliance with administrative requirements. That monitoring may include evaluating and recommending improvements of subrecipients’ internal controls, especially for high-risk organizations unfamiliar with federal grant requirements. The monitoring relationship gives you the opportunity to provide technical assistance and help achieve successful project outcomes with your subrecipients.
Effective subrecipient monitoring can make the difference in having a successful grant program. Establish good relationships with subrecipients up front — listen and use empathy instead of commanding and controlling. Provide tools that work for different learning and operational styles, like one-on-one and recurring meetings, job aids, trainings, instructions or references. Conduct site visits, including virtual visits, and desk reviews. Use risk-based strategies to assess the management of grant funds and identify constructive ways to address weaknesses. Ensure subrecipient agreements are in place; if not, it is never too late to create one.
The Single Audit Requirement
Grant recipients and subrecipients that spend $750,000 or more in federal funds a year are subject to a single audit. Many organizations spending ARPA-driven funds, especially not-for-profit organizations, have never surpassed this spending threshold and are especially in need of help with “compliance from Day One.” The annual examination’s purpose is to demonstrate to the federal government (or granting agency) that you, as recipient, have complied with grant funding requirements and implemented satisfactory internal controls.
Single audits are designed to assess your adherence to a grant’s financial and compliance requirements laid out in the award contract and Uniform Guidance. The auditor will also review financial statements and the Schedule of Expenditures of Federal Awards (SEFA), assess your internal controls and follow up on any previous audit findings.
If the audit finds “material” (serious) noncompliance, you will be asked to address the issue. If the issue cannot be corrected or is severe enough, you could be forced to repay funds. Material findings in a single audit could also affect your eligibility for future federal grants, as well as diminishing community and stakeholder trust. Federal law allows the grant-making agency, a pass-through entity or the Department of Justice to impose one or more of these consequences:
- Temporarily withhold cash payments
- Disallow all or part of the cost of activities or actions not in compliance
- Wholly or partly suspend or terminate the award
- Initiate suspension or debarment proceedings (or in the case of a pass-through entity, recommend such a proceeding)
- Designate the award recipient as a high-risk recipient
- Withhold future awards for the project or program
Aside from financial and legal consequences, poor compliance and its public impacts can tarnish your organization’s reputation. This can lead to distrust from the public, potential donors, and harm your ability to receive funds from other grant sources as well as your brand with internal and external stakeholders.
A single audit can at times seem intimidating but instituting a compliance and monitoring program before a single audit is performed can help you see what you are doing successfully, as well as identifying areas for improvement. By staying aware and continually improving compliance, you can expand your capacity to use grant funds efficiently and increase your organization’s chances of receiving more federal funding in the future.
Common Single Audit Issues
Most single audit findings relate to unallowable costs, missing or incomplete financial and program documentation, late reports, limited or ineffective subrecipient monitoring, or poor governance and internal controls. These are some steps you can take to improve grant compliance and reduce the risk of findings in a single audit:
Effective Design, Deployment and Documentation
- Build an appropriate governance structure for the grant, requiring appropriate sign-offs and internal controls, as well as documentation of both decisions and expenditures.
- Understand and train staff on the requirements stated in the grant awards, and make sure each requirement is implemented from the design phase through administration and closeout.
- Establish frequent contact with the grant-making agency and any subgrantees or subrecipients you may have. Open lines of communication provide opportunities for you to clarify grant requirements and facilitate timely reporting. Establish subrecipient agreements to ensure both parties understand and agree on the requirements.
- Plan for the audit and closeout from the first day you receive the grant. Make sure there is an internal control to support every grant requirement, adding or strengthening controls early in the process.
- And, of course, document, document, document, and keep that documentation organized. All policies and procedures must be in writing, including IT policies that govern the systems your organization uses for grants management. Your organization and your subgrantees, if any, also need written procurement standards. Formalize how you select, award, and administer contracts paid with federal funds, and disclose any conflicts of interest.
Timely Reporting
Issue reports to the grantor on time, every time. Create a checklist of required reports and deadlines, then name someone accountable and build support for that person to complete reports timely. Centralize reports and supporting data, whether it be through a grants management platform or existing file system, and make it accessible in case staffing or work sites change. Plan for reporting to not be a “last-minute” task done a few days before each deadline, but rather, an ongoing process that engages stakeholders in constant reflection and improvement while building trust and accountability.
If you are passing grants through to subrecipients, establish subrecipient agreements and remember that both groups’ activities must be monitored and documented. Build a schedule with enough time to gather and confirm subrecipient data before each reporting deadline. Regularly check in with subrecipients and provide support and coaching where needed.
Strengthening Internal Controls
Robust compliance monitoring and internal controls can lower the risk of audit findings, if practiced consistently. Uniform Guidance requires grantees to have an internal control framework with at least the five elements defined in the table below: control environment; risk assessment; control activities; information and communication; and monitoring.
Internal Control Component | Definition | |
---|---|---|
Control Environment | The foundation for an internal control system. It provides the discipline and structure to help an entity achieve its objectives. | |
Risk Assessment | Assessing the risks facing the entity as it seeks to achieve its objectives. This assessment provides the basis for developing appropriate risk responses. | |
Control Activities | The actions that management establishes through policies and procedures to achieve objectives and respond to risks in the internal control system, which includes IT systems. | |
Information and Communication | The quality information management and personnel communicate and use to support the internal control system. | |
Source: The Standards for Internal Control in the Federal Government
Make sure policies and procedures account for the Uniform Guidance internal control requirements. But do not stop there. Work with program managers and an audit team to identify weaknesses and control gaps. Focus on addressing high-risk areas first and often, and review all policies and procedures regularly.
Consistent Collaboration Leads to Grants Success
Effective grant compliance requires ongoing and consistent collaboration among grantor, grantee and subrecipients. When there are multiple stakeholders, checks and balances occur more naturally. But first, everyone must be on the same page.
Make sure everyone understands the mission and purpose of the grant, who is accountable, and the compliance standards. Think of close out from day one. For grantees, that means considering factors such as:
- The contract amount and terms
- The scope of work
- Definitions of allowable vs. unallowable expenses
- Funding sources
- Reporting requirements, formats and schedules
- Subrecipient agreements
Include grantors, key internal stakeholders and internal auditors in compliance conversations so you understand their expectations in order to design and administer the program effectively and to ensure all parties understand the grant’s intent. These stakeholders want your programs to be effective, just as you do.
Compliance requirements change. Regularly review and update processes to match the current guidance and communicate these changes to staff. An independent partner can help you monitor and administer your program for compliance and prepare your organization for future audits. Consider hiring a vendor or third-party partner to design your compliance program and support effective management, documentation, and reporting of your grants. A third-party can also come in and perform reviews to ensure your organization is ready before an audit occurs.
Organizations that manage federal funds need enhanced mechanisms to effectively expend federal dollars — but they do not have to do it alone. Partnering with an independent consultant, like the professionals at Weaver, helps relieve the stress of creating a comprehensive anti-fraud and strong governance policy while ensuring the design and deployment of your grant program is aligned with the grant guidelines. Independent partners can review and update your processes to minimize risks associated with grant administration while fulfilling the program goals.
Compliance is the key to grant success, and we are here to help. Weaver is a national CPA firm with decades of experience in grant administration and management, risk assessment and compliance. We can offer you the depth of experience, management capabilities and technical knowledge you need to obtain, distribute, administer and monitor federal funds.
We have an end-to-end understanding of the grants lifecycle, having delivered successful grants-related engagements for numerous state and local governments. Our team brings multifaceted experience, not only as risk management professionals but as local, state and federal government employees who were both grantors and grantees of funds. With this view from both sides of the proverbial aisle, we offer clear understanding of the regulations and best practices grant recipients need to follow. Our team thinks of grant close out from day one to ensure programs are administered to minimize fraud, waste and abuse while maximizing your grant funding to accomplish your mission effectively.
© 2023