CARES Act: Are you subject to a federal compliance audit?

The Coronavirus Aid, Relief, and Economic Security (CARES) Act has provided an avenue for expenditure relief in the wake of the COVID-19 pandemic. Many organizations are receiving significant funding under the CARES Act, either directly from the U.S. Department of Treasury or through another entity, such as their state or county. In either case, the funds originate from the federal government, which means there are certain requirements that recipients must follow.

One requirement of accepting federal grant funding is the need to have a federal grant compliance audit, also known as a single audit. A single audit is required when a non-federal entity expends $750,000 or more in federal grant funds in a fiscal year. It is expected that many more entities will need single audits in the upcoming year due to the availability of relief funding for organizations.

Single audits focus on compliance as well as internal controls over compliance. Organizations that are facing the possibility of a single audit for the first time should consider if there are proper internal controls in place, such as:

• Management recognizes the importance of complying with federal requirements and has assigned responsibilities to appropriate personnel
• Proper policies are in place to address federal requirements, including procurement and subrecipient monitoring
• Management has assessed the risk of noncompliance with federal requirements
• Information systems provide accurate information to enable reliance on financial data
• Responsibilities are appropriately segregated among personnel administering the program
• There are effectively designed preventative and detective controls in place
• Periodic monitoring of compliance is documented

Noncompliance with federal awards or breakdowns in an organization’s internal controls can lead to negative consequences, such as repayment of funding. It is important for organizations to assess their “readiness” for a single audit to identify potential gaps and implement any necessary changes. This assessment should be completed as soon as possible to allow time for changes to be made prior to the end of the fiscal year.

Baker Tilly has developed a COVID-19 Single Audit Readiness Assessment to help organizations in this situation.