Key insights
- The OMB Compliance Supplement (CS) is a valuable tool for managing federal awards and supporting compliance with single audit requirements.
- Look in Part 4 or Part 5 to identify your program and get details on objectives, procedures, compliance requirements, and audit testing expectations.
- Parts 3 and 6 are great resources for assessing your overall understanding of the 12 compliance requirements and your organization’s internal controls, including internal controls over compliance.
- The CS is only a supplementary tool; it’s important to review grant agreements and seek clarification from awarding agencies about award-specific questions.
- Caveats concerning use of the CS include annual updates, the length of the document, and its primary focus on direct federal awards.
Federal awards management is often subjected to intense scrutiny. Auditors and awarding agencies recommend using your grant agreements as your primary source for determining program requirements, but there is an excellent supplementary guide on how to manage and understand program-specific federal compliance requirements: the Office of Management and Budget Compliance Supplement (CS).
The CS provides:
- An overview of single audit regulations,
- A detailed understanding of the 12 compliance requirements,
- Guidance on developing global and compliance-specific internal controls, and
- Program-specific understanding and guidance.
When using the CS to help with program management, focus on these key areas:
Step 1: Find your program
Look in Part 4, Agency Program Requirements or Part 5, Clusters of Programs. Every program listed in Parts 4 or 5 identifies:
- Program objectives
- Program procedures
- Source of grant requirements
- Compliance requirements subject to audit
- Program-specific management and audit testing expectations
If working with a new program, reviewing the program objectives and procedures can provide valuable perspective on what the federal government thinks is most critical to a program’s administration.
Regardless of your familiarity with a program, review the compliance requirements section, which summarizes what compliance requirements are subject to testing in the audit year.
For audit areas like “G – matching, level of effort, and earmarking” or “L – reporting” where there is a lot of variety across programs, Parts 4/5 narrow down the program-specific requirements. Since “N – special provisions” covers all compliance requirements, always check the CS and your grant agreement for any unusual grants management obligations that may need to undergo single audit testing.
Auditor discretion can still come into play, so it’s possible your auditors may deviate from the CS. For example, below are the compliance requirements identified for Community Development Block Grants in 2023. Although subrecipient monitoring is marked as “N” in the CS, if a significant portion of your federal funds were passed down to subrecipients, your auditors may deem it prudent to perform testing over that compliance area.
Step 2: Use Part 7 if your program is not in Part 4
If you’re working with one of the 1,500+ programs not individually identified, Part 7, Guidance for Auditing Programs not Included in this Compliance Supplement, can be very helpful for understanding what compliance requirements may be applicable to your program.
Part 7 gives guidance on identifying applicable compliance requirements and what audit testing might look like. Grant management teams administering Part 7 programs should thoroughly review the grant agreements. If you’re confused about what’s being asked of you, reach out to your awarding agency for clarification.
Step 3: Supplement your understanding of the programmatic requirements
If you’re still at a loss, peruse other parts of the CS, like Part 3, Compliance Requirements, and Part 6, Internal Controls. Part 3 gives a deep dive on each of the 12 compliance requirements, including suggested approaches to audit testing. Depending on the compliance requirement in question, you can find distinctions for different types of federal recipients and sub-elements contained within a single compliance requirement.
Because grants management encompasses compliance and developing internal controls over compliance, it’s worth reading through Part 6 of the CS. If you need to buffer your entity-wide control environment or are looking for illustrative examples of controls over a specific compliance area, you can find them in Part 6.
Caveats about the Compliance Supplement
- It’s updated every year, typically in early summer. It’s important to refer to the year that is applicable to your audit year, as the OMB updates programmatic priorities from year-to-year.
- The compliance matrix (Part 2) only captures the compliance requirements auditors are expected to test that year. You may still be responsible for additional applicable compliance requirements outlined in your grant awards.
- The CS is developed to aid auditors performing single audits. While much of the language and directives are auditor-specific, the underlying program guidance is useful for anyone involved in program understanding, application, and management. Plus, it’s a great way to get a sneak-peek at what your auditors are going to be looking for when they begin testing.
- The CS is primarily written to address the needs of direct federal awards. If you receive federal funding from a pass-through entity (PTE), some federal requirements may not be applicable to you, or may be modified by the PTE.
- It’s long! Most years the CS totals ~2,000 pages. When possible, only open the sections of the CS you need. Get used to performing a Ctrl + F search to find key words and sections quickly.
How CLA can help with grants management
Although daunting at first, the CS is an excellent tool to help direct your focus when managing federal awards.
If you need further assistance with grants management, single audit preparation services, or need to engage an auditor to perform your single audit, CLA’s audit professionals have experience serving grant applicants and recipients, including nonprofits, higher education institutions, and state and local governments.
Contact us
Enhance your grants management and compliance capabilities. Complete the form below to connect with CLA.If you are unable to see the form below, please complete your submission here.