TO THE HEADS OF EXECUTIVE DEPARTMENTS AND ESTABLISHMENTS
SUBJECT: Audits of States, Local Governments, and Non-Profit Organizations
1. Purpose. This Circular is issued pursuant to the Single Audit
Act of 1984, P.L. 98-502, and the Single Audit Act Amendments of 1996,
P.L. 104-156. It sets forth standards for obtaining consistency and uniformity
among Federal agencies for the audit of States, local governments, and
non-profit organizations expending Federal awards.
2. Authority. Circular A-133 is issued under the authority of
sections 503, 1111, and 7501 et seq. of title 31, United States
Code, and Executive Orders 8248 and 11541.
3. Rescission and Supersession. This Circular rescinds Circular
A-128, "Audits of State and Local Governments," issued April
12, 1985, and supersedes the prior Circular A-133, "Audits of Institutions
of Higher Education and Other Non-Profit Institutions," issued April
22, 1996. For effective dates, see paragraph 10.
4. Policy. Except as provided herein, the standards set forth
in this Circular shall be applied by all Federal agencies. If any statute
specifically prescribes policies or specific requirements that differ from
the standards provided herein, the provisions of the subsequent statute
shall govern.
Federal agencies shall apply the provisions of the sections of this
Circular to non-Federal entities, whether they are recipients expending
Federal awards received directly from Federal awarding agencies, or are
subrecipients expending Federal awards received from a pass-through entity
(a recipient or another subrecipient).
This Circular does not apply to non-U.S. based entities expending Federal
awards received either directly as a recipient or indirectly as a subrecipient.
5. Definitions. The definitions of key terms used in this Circular are contained in §___.105 in the Attachment to this Circular.
6. Required Action. The specific requirements and responsibilities
of Federal agencies and non-Federal entities are set forth in the Attachment
to this Circular. Federal agencies making awards to non-Federal entities,
either directly or indirectly, shall adopt the language in the Circular
in codified regulations as provided in Section 10 (below), unless different
provisions are required by Federal statute or are approved by the Office
of Management and Budget (OMB).
7. OMB Responsibilities. OMB will review Federal agency regulations
and implementation of this Circular, and will provide interpretations of
policy requirements and assistance to ensure uniform, effective and efficient
implementation.
8. Information Contact. Further information concerning Circular
A-133 may be obtained by contacting the Financial Standards and Reporting
Branch, Office of Federal Financial Management, Office of Management and
Budget, Washington, DC 20503, telephone (202) 395-3993.
9. Review Date. This Circular will have a policy review three
years from the date of issuance.
10. Effective Dates. The standards set forth in §___.400
of the Attachment to this Circular, which apply directly to Federal agencies,
shall be effective July 1, 1996, and shall apply to audits of fiscal years
beginning after June 30, 1996, except as otherwise specified in §___.400(a).
The standards set forth in this Circular that Federal agencies shall
apply to non-Federal entities shall be adopted by Federal agencies in codified
regulations not later than 60 days after publication of this final revision
in the Federal Register, so that they will apply to audits of fiscal
years beginning after June 30, 1996, with the exception that §___.305(b)
of the Attachment applies to audits of fiscal years beginning after June
30, 1998. The requirements of Circular A-128, although the Circular is
rescinded, and the 1990 version of Circular A-133 remain in effect for
audits of fiscal years beginning on or before June 30, 1996.
Franklin D. Raines
Director
Attachment
Sec.
__.100 Purpose.
__.105 Definitions.
__.200 Audit requirements.
__.205 Basis for determining Federal awards expended.
__.210 Subrecipient and vendor determinations.
__.215 Relation to other audit requirements.
__.220 Frequency of audits.
__.225 Sanctions.
__.230 Audit costs.
__.235 Program-specific audits.
__.300 Auditee responsibilities.
__.305 Auditor selection.
__.310 Financial statements.
__.315 Audit findings follow-up.
__.320 Report submission.
Subpart D--Federal Agencies and Pass-Through Entities
__.400 Responsibilities.
__.405 Management decision.
__.500 Scope of audit.
__.505 Audit reporting.
__.510 Audit findings.
__.515 Audit working papers.
__.520 Major program determination.
__.525 Criteria for Federal program risk.
__.530 Criteria for a low-risk auditee.
Appendix A to Part __ - Data Collection Form (Form SF-SAC).
Appendix B to Part __ - Circular A-133 Compliance Supplement.
§___.100 Purpose.
This part sets forth standards for obtaining consistency and uniformity
among Federal agencies for the audit of non-Federal entities expending
Federal awards.
§___.105 Definitions.
Auditee means any non-Federal entity that expends Federal awards which must be audited under this part. Auditor means an auditor, that is a public accountant or a Federal, State or local government audit organization, which meets the general standards specified in generally accepted government auditing standards (GAGAS). The term auditor does not include internal auditors of non-profit organizations.
Audit finding means deficiencies which the auditor is required
by §___.510(a) to report in the schedule of findings and questioned
costs.
CFDA number means the number assigned to a Federal program
in the Catalog of Federal Domestic Assistance (CFDA).
Cluster of programs means a grouping of closely related programs
that share common compliance requirements. The types of clusters of programs
are research and development (R&D), student financial aid (SFA), and
other clusters. "Other clusters" are as defined by the Office
of Management and Budget (OMB) in the compliance supplement or as designated
by a State for Federal awards the State provides to its subrecipients that
meet the definition of a cluster of programs. When designating an "other
cluster," a State shall identify the Federal awards included in the
cluster and advise the subrecipients of compliance requirements applicable
to the cluster, consistent with §___.400(d)(1) and §___.400(d)(2),
respectively. A cluster of programs shall be considered as one program
for determining major programs, as described in §___.520, and, with
the exception of R&D as described in §___.200(c), whether a program-specific
audit may be elected.
Cognizant agency for audit means the Federal agency designated
to carry out the responsibilities described in §___.400(a).
Compliance supplement refers to the Circular A-133 Compliance
Supplement, included as Appendix B to Circular A-133, or such documents
as OMB or its designee may issue to replace it. This document is available
from the Government Printing Office, Superintendent of Documents, Washington,
DC 20402-9325.
Corrective action means action taken by the auditee that:
(1) Corrects identified deficiencies;
(2) Produces recommended improvements; or
(3) Demonstrates that audit findings are either invalid or do not
warrant auditee action.
Federal agency has the same meaning as the term agency
in Section 551(1) of title 5, United States Code. Federal award
means Federal financial assistance and Federal cost-reimbursement contracts
that non-Federal entities receive directly from Federal awarding agencies
or indirectly from pass-through entities. It does not include procurement
contracts, under grants or contracts, used to buy goods or services from
vendors. Any audits of such vendors shall be covered by the terms and conditions
of the contract. Contracts to operate Federal Government owned, contractor
operated facilities (GOCOs) are excluded from the requirements of this
part.
Federal awarding agency means the Federal agency that provides
an award directly to the recipient.
Federal financial assistance means assistance that non-Federal
entities receive or administer in the form of grants, loans, loan guarantees,
property (including donated surplus property), cooperative agreements,
interest subsidies, insurance, food commodities, direct appropriations,
and other assistance, but does not include amounts received as reimbursement
for services rendered to individuals as described in §___.205(h) and
§___.205(i).
Federal program means:
(1) All Federal awards to a non-Federal entity assigned a single
number in the CFDA.
(2) When no CFDA number is assigned, all Federal awards from the
same agency made for the same purpose should be combined and considered
one program.
(3) Notwithstanding paragraphs (1) and (2) of this definition, a
cluster of programs. The types of clusters of programs are:
(i) Research and development (R&D);
(ii) Student financial aid (SFA); and
(iii) "Other clusters," as described in the definition
of cluster of programs in this section.
GAGAS means generally accepted government auditing standards
issued by the Comptroller General of the United States, which are applicable
to financial audits.
Generally accepted accounting principles has the meaning specified
in generally accepted auditing standards issued by the American Institute
of Certified Public Accountants (AICPA).
Indian tribe means any Indian tribe, band, nation, or other
organized group or community, including any Alaskan Native village or regional
or village corporation (as defined in, or established under, the Alaskan
Native Claims Settlement Act) that is recognized by the United States as
eligible for the special programs and services provided by the United States
to Indians because of their status as Indians.
Internal control means a process, effected by an entity's
management and other personnel, designed to provide reasonable assurance
regarding the achievement of objectives in the following categories:
(1) Effectiveness and efficiency of operations;
(2) Reliability of financial reporting; and
(3) Compliance with applicable laws and regulations.
Internal control pertaining to the compliance requirements for Federal programs (Internal control over Federal programs) means a process--effected by an entity's management and other personnel--designed to provide reasonable assurance regarding the achievement of the following objectives for Federal programs:
(1) Transactions are properly recorded and accounted for to:
(i) Permit the preparation of reliable financial statements and Federal
reports;
(ii) Maintain accountability over assets; and
(iii) Demonstrate compliance with laws, regulations, and other compliance
requirements;
(2) Transactions are executed in compliance with:
(i) Laws, regulations, and the provisions of contracts or grant agreements
that could have a direct and material effect on a Federal program; and
(ii) Any other laws and regulations that are identified in the compliance
supplement; and
(3) Funds, property, and other assets are safeguarded against loss
from unauthorized use or disposition.
Loan means a Federal loan or loan guarantee received or administered
by a non-Federal entity.
Local government means any unit of local government within
a State, including a county, borough, municipality, city, town, township,
parish, local public authority, special district, school district, intrastate
district, council of governments, and any other instrumentality of local
government.
Major program means a Federal program determined by the auditor
to be a major program in accordance with §___.520 or a program identified
as a major program by a Federal agency or pass-through entity in accordance
with §___.215(c).
Management decision means the evaluation by the Federal awarding
agency or pass-through entity of the audit findings and corrective action
plan and the issuance of a written decision as to what corrective action
is necessary.
Non-Federal entity means a State, local government, or non-profit
organization.
Non-profit organization means:
(1) any corporation, trust, association, cooperative, or other organization
that:
(i) Is operated primarily for scientific, educational, service, charitable,
or similar purposes in the public interest;
(ii) Is not organized primarily for profit; and
(iii) Uses its net proceeds to maintain, improve, or expand its operations;
and
(2) The term non-profit organization includes non-profit institutions
of higher education and hospitals.
OMB means the Executive Office of the President, Office of
Management and Budget.
Oversight agency for audit means the Federal awarding agency
that provides the predominant amount of direct funding to a recipient not
assigned a cognizant agency for audit. When there is no direct funding,
the Federal agency with the predominant indirect funding shall assume the
oversight responsibilities. The duties of the oversight agency for audit
are described in §___.400(b).
Pass-through entity means a non-Federal entity that provides
a Federal award to a subrecipient to carry out a Federal program.
Program-specific audit means an audit of one Federal program
as provided for in §___.200(c) and §___.235.
Questioned cost means a cost that is questioned by the auditor
because of an audit finding:
(1) Which resulted from a violation or possible violation of a provision
of a law, regulation, contract, grant, cooperative agreement, or other
agreement or document governing the use of Federal funds, including funds
used to match Federal funds;
(2) Where the costs, at the time of the audit, are not supported
by adequate documentation; or
(3) Where the costs incurred appear unreasonable and do not reflect
the actions a prudent person would take in the circumstances.
Recipient means a non-Federal entity that expends Federal
awards received directly from a Federal awarding agency to carry out a
Federal program.
Research and development (R&D) means all research activities,
both basic and applied, and all development activities that are performed
by a non-Federal entity. Research is defined as a systematic study
directed toward fuller scientific knowledge or understanding of the subject
studied. The term research also includes activities involving the training
of individuals in research techniques where such activities utilize the
same facilities as other research and development activities and where
such activities are not included in the instruction function. Development
is the systematic use of knowledge and understanding gained from research
directed toward the production of useful materials, devices, systems, or
methods, including design and development of prototypes and processes.
Single audit means an audit which includes both the entity's
financial statements and the Federal awards as described in §___.500.
State means any State of the United States, the District of
Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, American
Samoa, the Commonwealth of the Northern Mariana Islands, and the Trust
Territory of the Pacific Islands, any instrumentality thereof, any multi-State,
regional, or interstate entity which has governmental functions, and any
Indian tribe as defined in this section.
Student Financial Aid (SFA) includes those programs of general
student assistance, such as those authorized by Title IV of the Higher
Education Act of 1965, as amended, (20 U.S.C. 1070 et seq.) which
is administered by the U.S. Department of Education, and similar programs
provided by other Federal agencies. It does not include programs which
provide fellowships or similar Federal awards to students on a competitive
basis, or for specified studies or research.
Subrecipient means a non-Federal entity that expends Federal
awards received from a pass-through entity to carry out a Federal program,
but does not include an individual that is a beneficiary of such a program.
A subrecipient may also be a recipient of other Federal awards directly
from a Federal awarding agency. Guidance on distinguishing between a subrecipient
and a vendor is provided in §___.210.
Types of compliance requirements refers to the types of compliance
requirements listed in the compliance supplement. Examples include: activities
allowed or unallowed; allowable costs/cost principles; cash management;
eligibility; matching, level of effort, earmarking; and, reporting.
Vendor means a dealer, distributor, merchant, or other seller
providing goods or services that are required for the conduct of a Federal
program. These goods or services may be for an organization's own use or
for the use of beneficiaries of the Federal program. Additional guidance
on distinguishing between a subrecipient and a vendor is provided in §___.210.
§___.200 Audit requirements.
(a) Audit required. Non-Federal entities that expend $300,000
or more in a year in Federal awards shall have a single or program-specific
audit conducted for that year in accordance with the provisions of this
part. Guidance on determining Federal awards expended is provided in §___.205.
(b) Single audit. Non-Federal entities that expend $300,000
or more in a year in Federal awards shall have a single audit conducted
in accordance with §___.500 except when they elect to have a program-specific
audit conducted in accordance with paragraph (c) of this section.
(c) Program-specific audit election. When an auditee expends
Federal awards under only one Federal program (excluding R&D) and the
Federal program's laws, regulations, or grant agreements do not require
a financial statement audit of the auditee, the auditee may elect to have
a program-specific audit conducted in accordance with §___.235. A
program-specific audit may not be elected for R&D unless all of the
Federal awards expended were received from the same Federal agency, or
the same Federal agency and the same pass-through entity, and that Federal
agency, or pass-through entity in the case of a subrecipient, approves
in advance a program-specific audit.
(d) Exemption when Federal awards expended are less than $300,000.
Non-Federal entities that expend less than $300,000 a year in Federal awards
are exempt from Federal audit requirements for that year, except as noted
in §___.215(a), but records must be available for review or audit
by appropriate officials of the Federal agency, pass-through entity, and
General Accounting Office (GAO).
(e) Federally Funded Research and Development Centers (FFRDC).
Management of an auditee that owns or operates a FFRDC may elect to treat
the FFRDC as a separate entity for purposes of this part.
§___.205 Basis for determining Federal awards expended.
(a) Determining Federal awards expended. The determination
of when an award is expended should be based on when the activity related
to the award occurs. Generally, the activity pertains to events that require
the non-Federal entity to comply with laws, regulations, and the provisions
of contracts or grant agreements, such as: expenditure/expense transactions
associated with grants, cost-reimbursement contracts, cooperative agreements,
and direct appropriations; the disbursement of funds passed through to
subrecipients; the use of loan proceeds under loan and loan guarantee programs;
the receipt of property; the receipt of surplus property; the receipt or
use of program income; the distribution or consumption of food commodities;
the disbursement of amounts entitling the non-Federal entity to an interest
subsidy; and, the period when insurance is in force.
(b) Loan and loan guarantees (loans). Since the Federal Government
is at risk for loans until the debt is repaid, the following guidelines
shall be used to calculate the value of Federal awards expended under loan
programs, except as noted in paragraphs (c) and (d) of this section:
(1) Value of new loans made or received during the fiscal year; plus
(2) Balance of loans from previous years for which the Federal Government
imposes continuing compliance requirements; plus
(3) Any interest subsidy, cash, or administrative cost allowance
received.
(c) Loan and loan guarantees (loans) at institutions of higher
education. When loans are made to students of an institution of higher
education but the institution does not make the loans, then only the value
of loans made during the year shall be considered Federal awards expended
in that year. The balance of loans for previous years is not included as
Federal awards expended because the lender accounts for the prior balances.
(d) Prior loan and loan guarantees (loans). Loans, the proceeds
of which were received and expended in prior-years, are not considered
Federal awards expended under this part when the laws, regulations, and
the provisions of contracts or grant agreements pertaining to such loans
impose no continuing compliance requirements other than to repay the loans.
(e) Endowment funds. The cumulative balance of Federal awards
for endowment funds which are federally restricted are considered awards
expended in each year in which the funds are still restricted.
(f) Free rent. Free rent received by itself is not considered
a Federal award expended under this part. However, free rent received as
part of an award to carry out a Federal program shall be included in determining
Federal awards expended and subject to audit under this part.
(g) Valuing non-cash assistance. Federal non-cash assistance,
such as free rent, food stamps, food commodities, donated property, or
donated surplus property, shall be valued at fair market value at the time
of receipt or the assessed value provided by the Federal agency.
(h) Medicare. Medicare payments to a non-Federal entity for
providing patient care services to Medicare eligible individuals are not
considered Federal awards expended under this part.
(i) Medicaid. Medicaid payments to a subrecipient for providing
patient care services to Medicaid eligible individuals are not considered
Federal awards expended under this part unless a State requires the funds
to be treated as Federal awards expended because reimbursement is on a
cost-reimbursement basis.
(j) Certain loans provided by the National Credit Union Administration.
For purposes of this part, loans made from the National Credit Union Share
Insurance Fund and the Central Liquidity Facility that are funded by contributions
from insured institutions are not considered Federal awards expended.
§___.210 Subrecipient and vendor determinations.
(a) General. An auditee may be a recipient, a subrecipient,
and a vendor. Federal awards expended as a recipient or a subrecipient
would be subject to audit under this part. The payments received for goods
or services provided as a vendor would not be considered Federal awards.
The guidance in paragraphs (b) and (c) of this section should be considered
in determining whether payments constitute a Federal award or a payment
for goods and services.
(b) Federal award. Characteristics indicative of a Federal
award received by a subrecipient are when the organization:
(1) Determines who is eligible to receive what Federal financial
assistance;
(2) Has its performance measured against whether the objectives of
the Federal program are met;
(3) Has responsibility for programmatic decision making;
(4) Has responsibility for adherence to applicable Federal program
compliance requirements; and
(5) Uses the Federal funds to carry out a program of the organization
as compared to providing goods or services for a program of the pass-through
entity.
(c) Payment for goods and services. Characteristics indicative
of a payment for goods and services received by a vendor are when the organization:
(1) Provides the goods and services within normal business operations;
(2) Provides similar goods or services to many different purchasers;
(3) Operates in a competitive environment;
(4) Provides goods or services that are ancillary to the operation
of the Federal program; and
(5) Is not subject to compliance requirements of the Federal program.
(d) Use of judgment in making determination. There may be
unusual circumstances or exceptions to the listed characteristics. In making
the determination of whether a subrecipient or vendor relationship exists,
the substance of the relationship is more important than the form of the
agreement. It is not expected that all of the characteristics will be present
and judgment should be used in determining whether an entity is a subrecipient
or vendor.
(e) For-profit subrecipient. Since this part does not apply
to for-profit subrecipients, the pass-through entity is responsible for
establishing requirements, as necessary, to ensure compliance by for-profit
subrecipients. The contract with the for-profit subrecipient should describe
applicable compliance requirements and the for-profit subrecipient's compliance
responsibility. Methods to ensure compliance for Federal awards made to
for-profit subrecipients may include pre-award audits, monitoring during
the contract, and post-award audits.
(f) Compliance responsibility for vendors. In most cases,
the auditee's compliance responsibility for vendors is only to ensure that
the procurement, receipt, and payment for goods and services comply with
laws, regulations, and the provisions of contracts or grant agreements.
Program compliance requirements normally do not pass through to vendors.
However, the auditee is responsible for ensuring compliance for vendor
transactions which are structured such that the vendor is responsible for
program compliance or the vendor's records must be reviewed to determine
program compliance. Also, when these vendor transactions relate to a major
program, the scope of the audit shall include determining whether these
transactions are in compliance with laws, regulations, and the provisions
of contracts or grant agreements.
§___.215 Relation to other audit requirements.
(a) Audit under this part in lieu of other audits. An audit
made in accordance with this part shall be in lieu of any financial audit
required under individual Federal awards. To the extent this audit meets
a Federal agency's needs, it shall rely upon and use such audits. The provisions
of this part neither limit the authority of Federal agencies, including
their Inspectors General, or GAO to conduct or arrange for additional audits
(e.g., financial audits, performance audits, evaluations, inspections,
or reviews) nor authorize any auditee to constrain Federal agencies from
carrying out additional audits. Any additional audits shall be planned
and performed in such a way as to build upon work performed by other auditors.
(b) Federal agency to pay for additional audits. A Federal
agency that conducts or contracts for additional audits shall, consistent
with other applicable laws and regulations, arrange for funding the full
cost of such additional audits.
(c) Request for a program to be audited as a major program.
A Federal agency may request an auditee to have a particular Federal program
audited as a major program in lieu of the Federal agency conducting or
arranging for the additional audits. To allow for planning, such requests
should be made at least 180 days prior to the end of the fiscal year to
be audited. The auditee, after consultation with its auditor, should promptly
respond to such request by informing the Federal agency whether the program
would otherwise be audited as a major program using the risk-based audit
approach described in §___.520 and, if not, the estimated incremental
cost. The Federal agency shall then promptly confirm to the auditee whether
it wants the program audited as a major program. If the program is to be
audited as a major program based upon this Federal agency request, and
the Federal agency agrees to pay the full incremental costs, then the auditee
shall have the program audited as a major program. A pass-through entity
may use the provisions of this paragraph for a subrecipient.
§___.220 Frequency of audits.
Except for the provisions for biennial audits provided in paragraphs
(a) and (b) of this section, audits required by this part shall be performed
annually. Any biennial audit shall cover both years within the biennial
period.
(a) A State or local government that is required by constitution
or statute, in effect on January 1, 1987, to undergo its audits less frequently
than annually, is permitted to undergo its audits pursuant to this part
biennially. This requirement must still be in effect for the biennial period
under audit.
(b) Any non-profit organization that had biennial audits for all
biennial periods ending between July 1, 1992, and January 1, 1995, is permitted
to undergo its audits pursuant to this part biennially.
§___.225 Sanctions.
No audit costs may be charged to Federal awards when audits required
by this part have not been made or have been made but not in accordance
with this part. In cases of continued inability or unwillingness to have
an audit conducted in accordance with this part, Federal agencies and pass-through
entities shall take appropriate action using sanctions such as:
(a) Withholding a percentage of Federal awards until the audit is
completed satisfactorily;
(b) Withholding or disallowing overhead costs;
(c) Suspending Federal awards until the audit is conducted; or
(d) Terminating the Federal award.
§___.230 Audit costs.
(a) Allowable costs. Unless prohibited by law, the cost of
audits made in accordance with the provisions of this part are allowable
charges to Federal awards. The charges may be considered a direct cost
or an allocated indirect cost, as determined in accordance with the provisions
of applicable OMB cost principles circulars, the Federal Acquisition Regulation
(FAR) (48 CFR parts 30 and 31), or other applicable cost principles or
regulations.
(b) Unallowable costs. A non-Federal entity shall not charge
the following to a Federal award:
(1) The cost of any audit under the Single Audit Act Amendments of
1996 (31 U.S.C. 7501 et seq.) not conducted in accordance with this
part.
(2) The cost of auditing a non-Federal entity which has Federal awards
expended of less than $300,000 per year and is thereby exempted under §___.200(d)
from having an audit conducted under this part. However, this does not
prohibit a pass-through entity from charging Federal awards for the cost
of limited scope audits to monitor its subrecipients in accordance with
§___.400(d)(3), provided the subrecipient does not have a single audit.
For purposes of this part, limited scope audits only include agreed-upon
procedures engagements conducted in accordance with either the AICPA's
generally accepted auditing standards or attestation standards, that are
paid for and arranged by a pass-through entity and address only one or
more of the following types of compliance requirements: activities allowed
or unallowed; allowable costs/cost principles; eligibility; matching, level
of effort, earmarking; and, reporting.
§___.235 Program-specific audits.
(a) Program-specific audit guide available. In many cases,
a program-specific audit guide will be available to provide specific guidance
to the auditor with respect to internal control, compliance requirements,
suggested audit procedures, and audit reporting requirements. The auditor
should contact the Office of Inspector General of the Federal agency to
determine whether such a guide is available. When a current program-specific
audit guide is available, the auditor shall follow GAGAS and the guide
when performing a program-specific audit.
(b) Program-specific audit guide not available. (1) When a
program-specific audit guide is not available, the auditee and auditor
shall have basically the same responsibilities for the Federal program
as they would have for an audit of a major program in a single audit.
(2) The auditee shall prepare the financial statement(s) for the
Federal program that includes, at a minimum, a schedule of expenditures
of Federal awards for the program and notes that describe the significant
accounting policies used in preparing the schedule, a summary schedule
of prior audit findings consistent with the requirements of §___.315(b),
and a corrective action plan consistent with the requirements of §___.315(c).
(3) The auditor shall:
(i) Perform an audit of the financial statement(s) for the Federal
program in accordance with GAGAS;
(ii) Obtain an understanding of internal control and perform tests
of internal control over the Federal program consistent with the requirements
of §___.500(c) for a major program;
(iii) Perform procedures to determine whether the auditee has complied
with laws, regulations, and the provisions of contracts or grant agreements
that could have a direct and material effect on the Federal program consistent
with the requirements of §___.500(d) for a major program; and
(iv) Follow up on prior audit findings, perform procedures to assess
the reasonableness of the summary schedule of prior audit findings prepared
by the auditee, and report, as a current year audit finding, when the auditor
concludes that the summary schedule of prior audit findings materially
misrepresents the status of any prior audit finding in accordance with
the requirements of §___.500(e).
(4) The auditor's report(s) may be in the form of either combined
or separate reports and may be organized differently from the manner presented
in this section. The auditor's report(s) shall state that the audit was
conducted in accordance with this part and include the following:
(i) An opinion (or disclaimer of opinion) as to whether the financial
statement(s) of the Federal program is presented fairly in all material
respects in conformity with the stated accounting policies;
(ii) A report on internal control related to the Federal program,
which shall describe the scope of testing of internal control and the results
of the tests;
(iii) A report on compliance which includes an opinion (or disclaimer
of opinion) as to whether the auditee complied with laws, regulations,
and the provisions of contracts or grant agreements which could have a
direct and material effect on the Federal program; and
(iv) A schedule of findings and questioned costs for the Federal
program that includes a summary of the auditor's results relative to the
Federal program in a format consistent with §___.505(d)(1) and findings
and questioned costs consistent with the requirements of §___.505(d)(3).
(c) Report submission for program-specific audits.
(1) The audit shall be completed and the reporting required by paragraph
(c)(2) or (c)(3) of this section submitted within the earlier of 30 days
after receipt of the auditor's report(s), or nine months after the end
of the audit period, unless a longer period is agreed to in advance by
the Federal agency that provided the funding or a different period is specified
in a program-specific audit guide. (However, for fiscal years beginning
on or before June 30, 1998, the audit shall be completed and the required
reporting shall be submitted within the earlier of 30 days after receipt
of the auditor's report(s), or 13 months after the end of the audit period,
unless a different period is specified in a program-specific audit guide.)
Unless restricted by law or regulation, the auditee shall make report copies
available for public inspection.
(2) When a program-specific audit guide is available, the auditee
shall submit to the Federal clearinghouse designated by OMB the data collection
form prepared in accordance with §___.320(b), as applicable to a program-specific
audit, and the reporting required by the program-specific audit guide to
be retained as an archival copy. Also, the auditee shall submit to the
Federal awarding agency or pass-through entity the reporting required by
the program-specific audit guide.
(3) When a program-specific audit guide is not available, the reporting
package for a program-specific audit shall consist of the financial statement(s)
of the Federal program, a summary schedule of prior audit findings, and
a corrective action plan as described in paragraph (b)(2) of this section,
and the auditor's report(s) described in paragraph (b)(4) of this section.
The data collection form prepared in accordance with §___.320(b),
as applicable to a program-specific audit, and one copy of this reporting
package shall be submitted to the Federal clearinghouse designated by OMB
to be retained as an archival copy. Also, when the schedule of findings
and questioned costs disclosed audit findings or the summary schedule of
prior audit findings reported the status of any audit findings, the auditee
shall submit one copy of the reporting package to the Federal clearinghouse
on behalf of the Federal awarding agency, or directly to the pass-through
entity in the case of a subrecipient. Instead of submitting the reporting
package to the pass-through entity, when a subrecipient is not required
to submit a reporting package to the pass-through entity, the subrecipient
shall provide written notification to the pass-through entity, consistent
with the requirements of §___.320(e)(2). A subrecipient may submit
a copy of the reporting package to the pass-through entity to comply with
this notification requirement.
(d) Other sections of this part may apply. Program-specific
audits are subject to §___.100 through §___.215(b), §___.220
through §___.230, §___.300 through §___.305, §___.315,
§___.320(f) through §___.320(j), §___.400 through §___.405,
§___.510 through §___.515, and other referenced provisions of
this part unless contrary to the provisions of this section, a program-specific
audit guide, or program laws and regulations.
§___.300 Auditee responsibilities.
The auditee shall:
(a) Identify, in its accounts, all Federal awards received and expended
and the Federal programs under which they were received. Federal program
and award identification shall include, as applicable, the CFDA title and
number, award number and year, name of the Federal agency, and name of
the pass-through entity.
(b) Maintain internal control over Federal programs that provides
reasonable assurance that the auditee is managing Federal awards in compliance
with laws, regulations, and the provisions of contracts or grant agreements
that could have a material effect on each of its Federal programs.
(c) Comply with laws, regulations, and the provisions of contracts
or grant agreements related to each of its Federal programs.
(d) Prepare appropriate financial statements, including the schedule
of expenditures of Federal awards in accordance with §___.310.
(e) Ensure that the audits required by this part are properly performed
and submitted when due. When extensions to the report submission due date
required by §___.320(a) are granted by the cognizant or oversight
agency for audit, promptly notify the Federal clearinghouse designated
by OMB and each pass-through entity providing Federal awards of the extension.
(f) Follow up and take corrective action on audit findings, including
preparation of a summary schedule of prior audit findings and a corrective
action plan in accordance with §___.315(b) and §___.315(c), respectively.
§___.305 Auditor selection.
(a) Auditor procurement. In procuring audit services, auditees
shall follow the procurement standards prescribed by the Grants Management
Common Rule (hereinafter referred to as the "A-102 Common Rule")
published March 11, 1988 and amended April 19, 1995 [insert appropriate
CFR citation], Circular A-110, "Uniform Administrative Requirements
for Grants and Agreements with Institutions of Higher Education, Hospitals
and Other Non-Profit Organizations," or the FAR (48 CFR part 42),
as applicable (OMB Circulars are available from the Office of Administration,
Publications Office, room 2200, New Executive Office Building, Washington,
DC 20503). Whenever possible, auditees shall make positive efforts to utilize
small businesses, minority-owned firms, and women's business enterprises,
in procuring audit services as stated in the A-102 Common Rule, OMB Circular
A-110, or the FAR (48 CFR part 42), as applicable. In requesting proposals
for audit services, the objectives and scope of the audit should be made
clear. Factors to be considered in evaluating each proposal for audit services
include the responsiveness to the request for proposal, relevant experience,
availability of staff with professional qualifications and technical abilities,
the results of external quality control reviews, and price.
(b) Restriction on auditor preparing indirect cost proposals.
An auditor who prepares the indirect cost proposal or cost allocation plan
may not also be selected to perform the audit required by this part when
the indirect costs recovered by the auditee during the prior year exceeded
$1 million. This restriction applies to the base year used in the preparation
of the indirect cost proposal or cost allocation plan and any subsequent
years in which the resulting indirect cost agreement or cost allocation
plan is used to recover costs. To minimize any disruption in existing contracts
for audit services, this paragraph applies to audits of fiscal years beginning
after June 30, 1998.
(c) Use of Federal auditors. Federal auditors may perform
all or part of the work required under this part if they comply fully with
the requirements of this part.
§___.310 Financial statements.
(a) Financial statements. The auditee shall prepare financial
statements that reflect its financial position, results of operations or
changes in net assets, and, where appropriate, cash flows for the fiscal
year audited. The financial statements shall be for the same organizational
unit and fiscal year that is chosen to meet the requirements of this part.
However, organization-wide financial statements may also include departments,
agencies, and other organizational units that have separate audits in accordance
with §___.500(a) and prepare separate financial statements.
(b) Schedule of expenditures of Federal awards. The auditee
shall also prepare a schedule of expenditures of Federal awards for the
period covered by the auditee's financial statements. While not required,
the auditee may choose to provide information requested by Federal awarding
agencies and pass-through entities to make the schedule easier to use.
For example, when a Federal program has multiple award years, the auditee
may list the amount of Federal awards expended for each award year separately.
At a minimum, the schedule shall:
(1) List individual Federal programs by Federal agency. For Federal
programs included in a cluster of programs, list individual Federal programs
within a cluster of programs. For R&D, total Federal awards expended
shall be shown either by individual award or by Federal agency and major
subdivision within the Federal agency. For example, the National Institutes
of Health is a major subdivision in the Department of Health and Human
Services.
(2) For Federal awards received as a subrecipient, the name of the
pass-through entity and identifying number assigned by the pass-through
entity shall be included.
(3) Provide total Federal awards expended for each individual Federal
program and the CFDA number or other identifying number when the CFDA information
is not available.
(4) Include notes that describe the significant accounting policies
used in preparing the schedule.
(5) To the extent practical, pass-through entities should identify
in the schedule the total amount provided to subrecipients from each Federal
program.
(6) Include, in either the schedule or a note to the schedule, the
value of the Federal awards expended in the form of non-cash assistance,
the amount of insurance in effect during the year, and loans or loan guarantees
outstanding at year end. While not required, it is preferable to present
this information in the schedule.
§___.315 Audit findings follow-up.
(a) General. The auditee is responsible for follow-up and
corrective action on all audit findings. As part of this responsibility,
the auditee shall prepare a summary schedule of prior audit findings. The
auditee shall also prepare a corrective action plan for current year audit
findings. The summary schedule of prior audit findings and the corrective
action plan shall include the reference numbers the auditor assigns to
audit findings under §___.510(c). Since the summary schedule may include
audit findings from multiple years, it shall include the fiscal year in
which the finding initially occurred.
(b) Summary schedule of prior audit findings. The summary
schedule of prior audit findings shall report the status of all audit findings
included in the prior audit's schedule of findings and questioned costs
relative to Federal awards. The summary schedule shall also include audit
findings reported in the prior audit's summary schedule of prior audit
findings except audit findings listed as corrected in accordance with paragraph
(b)(1) of this section, or no longer valid or not warranting further action
in accordance with paragraph (b)(4) of this section.
(1) When audit findings were fully corrected, the summary schedule
need only list the audit findings and state that corrective action was
taken.
(2) When audit findings were not corrected or were only partially
corrected, the summary schedule shall describe the planned corrective action
as well as any partial corrective action taken.
(3) When corrective action taken is significantly different from
corrective action previously reported in a corrective action plan or in
the Federal agency's or pass-through entity's management decision, the
summary schedule shall provide an explanation.
(4) When the auditee believes the audit findings are no longer valid
or do not warrant further action, the reasons for this position shall be
described in the summary schedule. A valid reason for considering an audit
finding as not warranting further action is that all of the following have
occurred:
(i) Two years have passed since the audit report in which the finding
occurred was submitted to the Federal clearinghouse;
(ii) The Federal agency or pass-through entity is not currently following
up with the auditee on the audit finding; and
(iii) A management decision was not issued.
(c) Corrective action plan. At the completion of the audit,
the auditee shall prepare a corrective action plan to address each audit
finding included in the current year auditor's reports. The corrective
action plan shall provide the name(s) of the contact person(s) responsible
for corrective action, the corrective action planned, and the anticipated
completion date. If the auditee does not agree with the audit findings
or believes corrective action is not required, then the corrective action
plan shall include an explanation and specific reasons.
§___.320 Report submission.
(a) General. The audit shall be completed and the data collection
form described in paragraph (b) of this section and reporting package described
in paragraph (c) of this section shall be submitted within the earlier
of 30 days after receipt of the auditor's report(s), or nine months after
the end of the audit period, unless a longer period is agreed to in advance
by the cognizant or oversight agency for audit. (However, for fiscal years
beginning on or before June 30, 1998, the audit shall be completed and
the data collection form and reporting package shall be submitted within
the earlier of 30 days after receipt of the auditor's report(s), or 13
months after the end of the audit period.) Unless restricted by law or
regulation, the auditee shall make copies available for public inspection.
(b) Data Collection. (1) The auditee shall submit a data collection
form which states whether the audit was completed in accordance with this
part and provides information about the auditee, its Federal programs,
and the results of the audit. The form shall be approved by OMB, available
from the Federal clearinghouse designated by OMB, and include data elements
similar to those presented in this paragraph. A senior level representative
of the auditee (e.g., State controller, director of finance, chief executive
officer, or chief financial officer) shall sign a statement to be included
as part of the form certifying that: the auditee complied with the requirements
of this part, the form was prepared in accordance with this part (and the
instructions accompanying the form), and the information included in the
form, in its entirety, are accurate and complete.
(2) The data collection form shall include the following data elements:
(i) The type of report the auditor issued on the financial statements
of the auditee (i.e., unqualified opinion, qualified opinion, adverse opinion,
or disclaimer of opinion).
(ii) Where applicable, a statement that reportable conditions in
internal control were disclosed by the audit of the financial statements
and whether any such conditions were material weaknesses.
(iii) A statement as to whether the audit disclosed any noncompliance
which is material to the financial statements of the auditee.
(iv) Where applicable, a statement that reportable conditions in
internal control over major programs were disclosed by the audit and whether
any such conditions were material weaknesses.
(v) The type of report the auditor issued on compliance for major
programs (i.e., unqualified opinion, qualified opinion, adverse opinion,
or disclaimer of opinion).
(vi) A list of the Federal awarding agencies which will receive a
copy of the reporting package pursuant to §___.320(d)(2) of OMB Circular
A-133.
(vii) A yes or no statement as to whether the auditee qualified as
a low-risk auditee under §___.530 of OMB Circular A-133.
(viii) The dollar threshold used to distinguish between Type A and
Type B programs as defined in §___.520(b) of OMB Circular A-133.
(ix) The Catalog of Federal Domestic Assistance (CFDA) number
for each Federal program, as applicable.
(x) The name of each Federal program and identification of each major
program. Individual programs within a cluster of programs should be listed
in the same level of detail as they are listed in the schedule of expenditures
of Federal awards.
(xi) The amount of expenditures in the schedule of expenditures of
Federal awards associated with each Federal program.
(xii) For each Federal program, a yes or no statement as to whether
there are audit findings in each of the following types of compliance requirements
and the total amount of any questioned costs:
(A) Activities allowed or unallowed.
(B) Allowable costs/cost principles.
(C) Cash management.
(D) Davis-Bacon Act.
(E) Eligibility.
(F) Equipment and real property management.
(G) Matching, level of effort, earmarking.
(H) Period of availability of Federal funds.
(I) Procurement and suspension and debarment.
(J) Program income.
(K) Real property acquisition and relocation assistance.
(L) Reporting.
(M) Subrecipient monitoring.
(N) Special tests and provisions.
(xiii) Auditee Name, Employer Identification Number(s), Name and
Title of Certifying Official, Telephone Number, Signature, and Date.
(xiv) Auditor Name, Name and Title of Contact Person, Auditor Address,
Auditor Telephone Number, Signature, and Date.
(xv) Whether the auditee has either a cognizant or oversight agency
for audit.
(xvi) The name of the cognizant or oversight agency for audit determined
in accordance with §___.400(a) and §___.400(b), respectively.
(3) Using the information included in the reporting package described
in paragraph (c) of this section, the auditor shall complete the applicable
sections of the form. The auditor shall sign a statement to be included
as part of the data collection form that indicates, at a minimum, the source
of the information included in the form, the auditor's responsibility for
the information, that the form is not a substitute for the reporting package
described in paragraph (c) of this section, and that the content of the
form is limited to the data elements prescribed by OMB.
(c) Reporting package. The reporting package shall include
the:
(1) Financial statements and schedule of expenditures of Federal
awards discussed in §___.310(a) and §___.310(b), respectively;
(2) Summary schedule of prior audit findings discussed in §___.315(b);
(3) Auditor's report(s) discussed in §___.505; and
(4) Corrective action plan discussed in §___.315(c).
(d) Submission to clearinghouse. All auditees shall submit
to the Federal clearinghouse designated by OMB the data collection form
described in paragraph (b) of this section and one copy of the reporting
package described in paragraph (c) of this section for:
(1) The Federal clearinghouse to retain as an archival copy; and
(2) Each Federal awarding agency when the schedule of findings and
questioned costs disclosed audit findings relating to Federal awards that
the Federal awarding agency provided directly or the summary schedule of
prior audit findings reported the status of any audit findings relating
to Federal awards that the Federal awarding agency provided directly.
(e) Additional submission by subrecipients. (1) In addition
to the requirements discussed in paragraph (d) of this section, auditees
that are also subrecipients shall submit to each pass-through entity one
copy of the reporting package described in paragraph (c) of this section
for each pass-through entity when the schedule of findings and questioned
costs disclosed audit findings relating to Federal awards that the pass-through
entity provided or the summary schedule of prior audit findings reported
the status of any audit findings relating to Federal awards that the pass-through
entity provided.
(2) Instead of submitting the reporting package to a pass-through
entity, when a subrecipient is not required to submit a reporting package
to a pass-through entity pursuant to paragraph (e)(1) of this section,
the subrecipient shall provide written notification to the pass-through
entity that: an audit of the subrecipient was conducted in accordance with
this part (including the period covered by the audit and the name, amount,
and CFDA number of the Federal award(s) provided by the pass-through entity);
the schedule of findings and questioned costs disclosed no audit findings
relating to the Federal award(s) that the pass-through entity provided;
and, the summary schedule of prior audit findings did not report on the
status of any audit findings relating to the Federal award(s) that the
pass-through entity provided. A subrecipient may submit a copy of the reporting
package described in paragraph (c) of this section to a pass-through entity
to comply with this notification requirement.
(f) Requests for report copies. In response to requests by
a Federal agency or pass-through entity, auditees shall submit the appropriate
copies of the reporting package described in paragraph (c) of this section
and, if requested, a copy of any management letters issued by the auditor.
(g) Report retention requirements. Auditees shall keep one
copy of the data collection form described in paragraph (b) of this section
and one copy of the reporting package described in paragraph (c) of this
section on file for three years from the date of submission to the Federal
clearinghouse designated by OMB. Pass-through entities shall keep subrecipients'
submissions on file for three years from date of receipt.
(h) Clearinghouse responsibilities. The Federal clearinghouse
designated by OMB shall distribute the reporting packages received in accordance
with paragraph (d)(2) of this section and §___.235(c)(3) to applicable
Federal awarding agencies, maintain a data base of completed audits, provide
appropriate information to Federal agencies, and follow up with known auditees
which have not submitted the required data collection forms and reporting
packages.
(i) Clearinghouse address. The address of the Federal clearinghouse
currently designated by OMB is Federal Audit Clearinghouse, Bureau of the
Census, 1201 E. 10th Street, Jeffersonville, IN 47132.
(j) Electronic filing. Nothing in this part shall preclude
electronic submissions to the Federal clearinghouse in such manner as may
be approved by OMB. With OMB approval, the Federal clearinghouse may pilot
test methods of electronic submissions.
§___.400 Responsibilities.
(a) Cognizant agency for audit responsibilities. Recipients
expending more than $25 million a year in Federal awards shall have a cognizant
agency for audit. The designated cognizant agency for audit shall be the
Federal awarding agency that provides the predominant amount of direct
funding to a recipient unless OMB makes a specific cognizant agency for
audit assignment. To provide for continuity of cognizance, the determination
of the predominant amount of direct funding shall be based upon direct
Federal awards expended in the recipient's fiscal years ending in 1995,
2000, 2005, and every fifth year thereafter. For example, audit cognizance
for periods ending in 1997 through 2000 will be determined based on Federal
awards expended in 1995. (However, for States and local governments that
expend more than $25 million a year in Federal awards and have previously
assigned cognizant agencies for audit, the requirements of this paragraph
are not effective until fiscal years beginning after June 30, 2000.) Notwithstanding
the manner in which audit cognizance is determined, a Federal awarding
agency with cognizance for an auditee may reassign cognizance to another
Federal awarding agency which provides substantial direct funding and agrees
to be the cognizant agency for audit. Within 30 days after any reassignment,
both the old and the new cognizant agency for audit shall notify the auditee,
and, if known, the auditor of the reassignment. The cognizant agency for
audit shall:
(1) Provide technical audit advice and liaison to auditees and auditors.
(2) Consider auditee requests for extensions to the report submission
due date required by §___.320(a). The cognizant agency for audit may
grant extensions for good cause.
(3) Obtain or conduct quality control reviews of selected audits
made by non-Federal auditors, and provide the results, when appropriate,
to other interested organizations.
(4) Promptly inform other affected Federal agencies and appropriate
Federal law enforcement officials of any direct reporting by the auditee
or its auditor of irregularities or illegal acts, as required by GAGAS
or laws and regulations.
(5) Advise the auditor and, where appropriate, the auditee of any
deficiencies found in the audits when the deficiencies require corrective
action by the auditor. When advised of deficiencies, the auditee shall
work with the auditor to take corrective action. If corrective action is
not taken, the cognizant agency for audit shall notify the auditor, the
auditee, and applicable Federal awarding agencies and pass-through entities
of the facts and make recommendations for follow-up action. Major inadequacies
or repetitive substandard performance by auditors shall be referred to
appropriate State licensing agencies and professional bodies for disciplinary
action.
(6) Coordinate, to the extent practical, audits or reviews made by
or for Federal agencies that are in addition to the audits made pursuant
to this part, so that the additional audits or reviews build upon audits
performed in accordance with this part.
(7) Coordinate a management decision for audit findings that affect
the Federal programs of more than one agency.
(8) Coordinate the audit work and reporting responsibilities among
auditors to achieve the most cost-effective audit.
(9) For biennial audits permitted under §___.220, consider auditee
requests to qualify as a low-risk auditee under §___.530(a).
(b) Oversight agency for audit responsibilities. An auditee
which does not have a designated cognizant agency for audit will be under
the general oversight of the Federal agency determined in accordance with
§___.105. The oversight agency for audit:
(1) Shall provide technical advice to auditees and auditors as requested.
(2) May assume all or some of the responsibilities normally performed
by a cognizant agency for audit.
(c) Federal awarding agency responsibilities. The Federal
awarding agency shall perform the following for the Federal awards it makes:
(1) Identify Federal awards made by informing each recipient of the
CFDA title and number, award name and number, award year, and if the award
is for R&D. When some of this information is not available, the Federal
agency shall provide information necessary to clearly describe the Federal
award.
(2) Advise recipients of requirements imposed on them by Federal
laws, regulations, and the provisions of contracts or grant agreements.
(3) Ensure that audits are completed and reports are received in
a timely manner and in accordance with the requirements of this part.
(4) Provide technical advice and counsel to auditees and auditors
as requested.
(5) Issue a management decision on audit findings within six months
after receipt of the audit report and ensure that the recipient takes appropriate
and timely corrective action.
(6) Assign a person responsible for providing annual updates of the
compliance supplement to OMB.
(d) Pass-through entity responsibilities. A pass-through entity
shall perform the following for the Federal awards it makes:
(1) Identify Federal awards made by informing each subrecipient of
CFDA title and number, award name and number, award year, if the award
is R&D, and name of Federal agency. When some of this information is
not available, the pass-through entity shall provide the best information
available to describe the Federal award.
(2) Advise subrecipients of requirements imposed on them by Federal
laws, regulations, and the provisions of contracts or grant agreements
as well as any supplemental requirements imposed by the pass-through entity.
(3) Monitor the activities of subrecipients as necessary to ensure
that Federal awards are used for authorized purposes in compliance with
laws, regulations, and the provisions of contracts or grant agreements
and that performance goals are achieved.
(4) Ensure that subrecipients expending $300,000 or more in Federal
awards during the subrecipient's fiscal year have met the audit requirements
of this part for that fiscal year.
(5) Issue a management decision on audit findings within six months
after receipt of the subrecipient's audit report and ensure that the subrecipient
takes appropriate and timely corrective action.
(6) Consider whether subrecipient audits necessitate adjustment of
the pass-through entity's own records.
(7) Require each subrecipient to permit the pass-through entity and
auditors to have access to the records and financial statements as necessary
for the pass-through entity to comply with this part.
§___.405 Management decision.
(a) General. The management decision shall clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action. If the auditee has not completed corrective action, a timetable for follow-up should be given. Prior to issuing the management decision, the Federal agency or pass-through entity may request
additional information or documentation from the auditee, including
a request for auditor assurance related to the documentation, as a way
of mitigating disallowed costs. The management decision should describe
any appeal process available to the auditee.
(b) Federal agency. As provided in §___.400(a)(7), the
cognizant agency for audit shall be responsible for coordinating a management
decision for audit findings that affect the programs of more than one Federal
agency. As provided in §___.400(c)(5), a Federal awarding agency is
responsible for issuing a management decision for findings that relate
to Federal awards it makes to recipients. Alternate arrangements may be
made on a case-by-case basis by agreement among the Federal agencies concerned.
(c) Pass-through entity. As provided in §___.400(d)(5),
the pass-through entity shall be responsible for making the management
decision for audit findings that relate to Federal awards it makes to subrecipients.
(d) Time requirements. The entity responsible for making the
management decision shall do so within six months of receipt of the audit
report. Corrective action should be initiated within six months after receipt
of the audit report and proceed as rapidly as possible.
(e) Reference numbers. Management decisions shall include
the reference numbers the auditor assigned to each audit finding in accordance
with §___.510(c).
§___.500 Scope of audit.
(a) General. The audit shall be conducted in accordance with
GAGAS. The audit shall cover the entire operations of the auditee; or,
at the option of the auditee, such audit shall include a series of audits
that cover departments, agencies, and other organizational units which
expended or otherwise administered Federal awards during such fiscal year,
provided that each such audit shall encompass the financial statements
and schedule of expenditures of Federal awards for each such department,
agency, and other organizational unit, which shall be considered to be
a non-Federal entity. The financial statements and schedule of expenditures
of Federal awards shall be for the same fiscal year.
(b) Financial statements. The auditor shall determine whether
the financial statements of the auditee are presented fairly in all material
respects in conformity with generally accepted accounting principles. The
auditor shall also determine whether the schedule of expenditures of Federal
awards is presented fairly in all material respects in relation to the
auditee's financial statements taken as a whole.
(c) Internal control. (1) In addition to the requirements
of GAGAS, the auditor shall perform procedures to obtain an understanding
of internal control over Federal programs sufficient to plan the audit
to support a low assessed level of control risk for major programs.
(2) Except as provided in paragraph (c)(3) of this section, the auditor
shall:
(i) Plan the testing of internal control over major programs to support
a low assessed level of control risk for the assertions relevant to the
compliance requirements for each major program; and
(ii) Perform testing of internal control as planned in paragraph
(c)(2)(i) of this section.
(3) When internal control over some or all of the compliance requirements
for a major program are likely to be ineffective in preventing or detecting
noncompliance, the planning and performing of testing described in paragraph
(c)(2) of this section are not required for those compliance requirements.
However, the auditor shall report a reportable condition (including whether
any such condition is a material weakness) in accordance with §___.510,
assess the related control risk at the maximum, and consider whether additional
compliance tests are required because of ineffective internal control.
(d) Compliance. (1) In addition to the requirements of GAGAS,
the auditor shall determine whether the auditee has complied with laws,
regulations, and the provisions of contracts or grant agreements that may
have a direct and material effect on each of its major programs.
(2) The principal compliance requirements applicable to most Federal
programs and the compliance requirements of the largest Federal programs
are included in the compliance supplement.
(3) For the compliance requirements related to Federal programs contained
in the compliance supplement, an audit of these compliance requirements
will meet the requirements of this part. Where there have been changes
to the compliance requirements and the changes are not reflected in the
compliance supplement, the auditor shall determine the current compliance
requirements and modify the audit procedures accordingly. For those Federal
programs not covered in the compliance supplement, the auditor should use
the types of compliance requirements contained in the compliance supplement
as guidance for identifying the types of compliance requirements to test,
and determine the requirements governing the Federal program by reviewing
the provisions of contracts and grant agreements and the laws and regulations
referred to in such contracts and grant agreements.
(4) The compliance testing shall include tests of transactions and
such other auditing procedures necessary to provide the auditor sufficient
evidence to support an opinion on compliance.
(e) Audit follow-up. The auditor shall follow-up on prior
audit findings, perform procedures to assess the reasonableness of the
summary schedule of prior audit findings prepared by the auditee in accordance
with §___.315(b), and report, as a current year audit finding, when
the auditor concludes that the summary schedule of prior audit findings
materially misrepresents the status of any prior audit finding. The auditor
shall perform audit follow-up procedures regardless of whether a prior
audit finding relates to a major program in the current year.
(f) Data Collection Form. As required in §___.320(b)(3),
the auditor shall complete and sign specified sections of the data collection
form.
§___.505 Audit reporting.
The auditor's report(s) may be in the form of either combined or
separate reports and may be organized differently from the manner presented
in this section. The auditor's report(s) shall state that the audit was
conducted in accordance with this part and include the following:
(a) An opinion (or disclaimer of opinion) as to whether the financial
statements are presented fairly in all material respects in conformity
with generally accepted accounting principles and an opinion (or disclaimer
of opinion) as to whether the schedule of expenditures of Federal awards
is presented fairly in all material respects in relation to the financial
statements taken as a whole.
(b) A report on internal control related to the financial statements
and major programs. This report shall describe the scope of testing of
internal control and the results of the tests, and, where applicable, refer
to the separate schedule of findings and questioned costs described in
paragraph (d) of this section.
(c) A report on compliance with laws, regulations, and the provisions
of contracts or grant agreements, noncompliance with which could have a
material effect on the financial statements. This report shall also include
an opinion (or disclaimer of opinion) as to whether the auditee complied
with laws, regulations, and the provisions of contracts or grant agreements
which could have a direct and material effect on each major program, and,
where applicable, refer to the separate schedule of findings and questioned
costs described in paragraph (d) of this section.
(d) A schedule of findings and questioned costs which shall include
the following three components:
(1) A summary of the auditor's results which shall include:
(i) The type of report the auditor issued on the financial statements
of the auditee (i.e., unqualified opinion, qualified opinion, adverse opinion,
or disclaimer of opinion);
(ii) Where applicable, a statement that reportable conditions in
internal control were disclosed by the audit of the financial statements
and whether any such conditions were material weaknesses;
(iii) A statement as to whether the audit disclosed any noncompliance
which is material to the financial statements of the auditee;
(iv) Where applicable, a statement that reportable conditions in
internal control over major programs were disclosed by the audit and whether
any such conditions were material weaknesses;
(v) The type of report the auditor issued on compliance for major
programs (i.e., unqualified opinion, qualified opinion, adverse opinion,
or disclaimer of opinion);
(vi) A statement as to whether the audit disclosed any audit findings
which the auditor is required to report under §___.510(a);
(vii) An identification of major programs;
(viii)The dollar threshold used to distinguish between Type A and
Type B programs, as described in §___.520(b); and
(ix) A statement as to whether the auditee qualified as a low-risk
auditee under §___.530.
(2) Findings relating to the financial statements which are required
to be reported in accordance with GAGAS.
(3) Findings and questioned costs for Federal awards which shall
include audit findings as defined in §___.510(a).
(i) Audit findings (e.g., internal control findings, compliance findings,
questioned costs, or fraud) which relate to the same issue should be presented
as a single audit finding. Where practical, audit findings should be organized
by Federal agency or pass-through entity.
(ii) Audit findings which relate to both the financial statements
and Federal awards, as reported under paragraphs (d)(2) and (d)(3) of this
section, respectively, should be reported in both sections of the schedule.
However, the reporting in one section of the schedule may be in summary
form with a reference to a detailed reporting in the other section of the
schedule.
§___.510 Audit findings.
(a) Audit findings reported. The auditor shall report the
following as audit findings in a schedule of findings and questioned costs:
(1) Reportable conditions in internal control over major programs.
The auditor's determination of whether a deficiency in internal control
is a reportable condition for the purpose of reporting an audit finding
is in relation to a type of compliance requirement for a major program
or an audit objective identified in the compliance supplement. The auditor
shall identify reportable conditions which are individually or cumulatively
material weaknesses.
(2) Material noncompliance with the provisions of laws, regulations,
contracts, or grant agreements related to a major program. The auditor's
determination of whether a noncompliance with the provisions of laws, regulations,
contracts, or grant agreements is material for the purpose of reporting
an audit finding is in relation to a type of compliance requirement for
a major program or an audit objective identified in the compliance supplement.
(3) Known questioned costs which are greater than $10,000 for a type
of compliance requirement for a major program. Known questioned costs are
those specifically identified by the auditor. In evaluating the effect
of questioned costs on the opinion on compliance, the auditor considers
the best estimate of total costs questioned (likely questioned costs),
not just the questioned costs specifically identified (known questioned
costs). The auditor shall also report known questioned costs when likely
questioned costs are greater than $10,000 for a type of compliance requirement
for a major program. In reporting questioned costs, the auditor shall include
information to provide proper perspective for judging the prevalence and
consequences of the questioned costs.
(4) Known questioned costs which are greater than $10,000 for a Federal
program which is not audited as a major program. Except for audit follow-up,
the auditor is not required under this part to perform audit procedures
for such a Federal program; therefore, the auditor will normally not find
questioned costs for a program which is not audited as a major program.
However, if the auditor does become aware of questioned costs for a Federal
program which is not audited as a major program (e.g., as part of audit
follow-up or other audit procedures) and the known questioned costs are
greater than $10,000, then the auditor shall report this as an audit finding.
(5) The circumstances concerning why the auditor's report on compliance
for major programs is other than an unqualified opinion, unless such circumstances
are otherwise reported as audit findings in the schedule of findings and
questioned costs for Federal awards.
(6) Known fraud affecting a Federal award, unless such fraud is otherwise
reported as an audit finding in the schedule of findings and questioned
costs for Federal awards. This paragraph does not require the auditor to
make an additional reporting when the auditor confirms that the fraud was
reported outside of the auditor's reports under the direct reporting requirements
of GAGAS.
(7) Instances where the results of audit follow-up procedures disclosed
that the summary schedule of prior audit findings prepared by the auditee
in accordance with §___.315(b) materially misrepresents the status
of any prior audit finding.
(b) Audit finding detail. Audit findings shall be presented
in sufficient detail for the auditee to prepare a corrective action plan
and take corrective action and for Federal agencies and pass-through entities
to arrive at a management decision. The following specific information
shall be included, as applicable, in audit findings:
(1) Federal program and specific Federal award identification including
the CFDA title and number, Federal award number and year, name of Federal
agency, and name of the applicable pass-through entity. When information,
such as the CFDA title and number or Federal award number, is not available,
the auditor shall provide the best information available to describe the
Federal award.
(2) The criteria or specific requirement upon which the audit finding
is based, including statutory, regulatory, or other citation.
(3) The condition found, including facts that support the deficiency
identified in the audit finding.
(4) Identification of questioned costs and how they were computed.
(5) Information to provide proper perspective for judging the prevalence
and consequences of the audit findings, such as whether the audit findings
represent an isolated instance or a systemic problem. Where appropriate,
instances identified shall be related to the universe and the number of
cases examined and be quantified in terms of dollar value.
(6) The possible asserted effect to provide sufficient information
to the auditee and Federal agency, or pass-through entity in the case of
a subrecipient, to permit them to determine the cause and effect to facilitate
prompt and proper corrective action.
(7) Recommendations to prevent future occurrences of the deficiency
identified in the audit finding.
(8) Views of responsible officials of the auditee when there is disagreement
with the audit findings, to the extent practical.
(c) Reference numbers. Each audit finding in the schedule
of findings and questioned costs shall include a reference number to allow
for easy referencing of the audit findings during follow-up.
§___.515 Audit working papers.
(a) Retention of working papers. The auditor shall retain
working papers and reports for a minimum of three years after the date
of issuance of the auditor's report(s) to the auditee, unless the auditor
is notified in writing by the cognizant agency for audit, oversight agency
for audit, or pass-through entity to extend the retention period. When
the auditor is aware that the Federal awarding agency, pass-through entity,
or auditee is contesting an audit finding, the auditor shall contact the
parties contesting the audit finding for guidance prior to destruction
of the working papers and reports.
(b) Access to working papers. Audit working papers shall be
made available upon request to the cognizant or oversight agency for audit
or its designee, a Federal agency providing direct or indirect funding,
or GAO at the completion of the audit, as part of a quality review, to
resolve audit findings, or to carry out oversight responsibilities consistent
with the purposes of this part. Access to working papers includes the right
of Federal agencies to obtain copies of working papers, as is reasonable
and necessary.
§___.520 Major program determination.
(a) General. The auditor shall use a risk-based approach to
determine which Federal programs are major programs. This risk-based approach
shall include consideration of: Current and prior audit experience, oversight
by Federal agencies and pass-through entities, and the inherent risk of
the Federal program. The process in paragraphs (b) through (i) of this
section shall be followed.
(b) Step 1. (1) The auditor shall identify the larger Federal
programs, which shall be labeled Type A programs. Type A programs are defined
as Federal programs with Federal awards expended during the audit period
exceeding the larger of:
(i) $300,000 or three percent (.03) of total Federal awards expended
in the case of an auditee for which total Federal awards expended equal
or exceed $300,000 but are less than or equal to $100 million.
(ii) $3 million or three-tenths of one percent (.003) of total Federal
awards expended in the case of an auditee for which total Federal awards
expended exceed $100 million but are less than or equal to $10 billion.
(iii) $30 million or 15 hundredths of one percent (.0015) of total
Federal awards expended in the case of an auditee for which total Federal
awards expended exceed $10 billion.
(2) Federal programs not labeled Type A under paragraph (b)(1) of
this section shall be labeled Type B programs.
(3) The inclusion of large loan and loan guarantees (loans) should
not result in the exclusion of other programs as Type A programs. When
a Federal program providing loans significantly affects the number or size
of Type A programs, the auditor shall consider this Federal program as
a Type A program and exclude its values in determining other Type A programs.
(4) For biennial audits permitted under §___.220, the determination
of Type A and Type B programs shall be based upon the Federal awards expended
during the two-year period.
(c) Step 2. (1) The auditor shall identify Type A programs
which are low-risk. For a Type A program to be considered low-risk, it
shall have been audited as a major program in at least one of the two most
recent audit periods (in the most recent audit period in the case of a
biennial audit), and, in the most recent audit period, it shall have had
no audit findings under §___.510(a). However, the auditor may use
judgment and consider that audit findings from questioned costs under §___.510(a)(3)
and §___.510(a)(4), fraud under §___.510(a)(6), and audit follow-up
for the summary schedule of prior audit findings under §___.510(a)(7)
do not preclude the Type A program from being low-risk. The auditor shall
consider: the criteria in §___.525(c), §___.525(d)(1), §___.525(d)(2),
and §___.525(d)(3); the results of audit follow-up; whether any changes
in personnel or systems affecting a Type A program have significantly increased
risk; and apply professional judgment in determining whether a Type A program
is low-risk.
(2) Notwithstanding paragraph (c)(1) of this section, OMB may approve
a Federal awarding agency's request that a Type A program at certain recipients
may not be considered low-risk. For example, it may be necessary for a
large Type A program to be audited as major each year at particular recipients
to allow the Federal agency to comply with the Government Management Reform
Act of 1994 (31 U.S.C. 3515). The Federal agency shall notify the recipient
and, if known, the auditor at least 180 days prior to the end of the fiscal
year to be audited of OMB's approval.
(d) Step 3. (1) The auditor shall identify Type B programs
which are high-risk using professional judgment and the criteria in §___.525.
However, should the auditor select Option 2 under Step 4 (paragraph (e)(2)(i)(B)
of this section), the auditor is not required to identify more high-risk
Type B programs than the number of low-risk Type A programs. Except for
known reportable conditions in internal control or compliance problems
as discussed in §___.525(b)(1), §___.525(b)(2), and §___.525(c)(1),
a single criteria in §___.525 would seldom cause a Type B program
to be considered high-risk.
(2) The auditor is not expected to perform risk assessments on relatively
small Federal programs. Therefore, the auditor is only required to perform
risk assessments on Type B programs that exceed the larger of:
(i) $100,000 or three-tenths of one percent (.003) of total Federal
awards expended when the auditee has less than or equal to $100 million
in total Federal awards expended.
(ii) $300,000 or three-hundredths of one percent (.0003) of total
Federal awards expended when the auditee has more than $100 million in
total Federal awards expended.
(e) Step 4. At a minimum, the auditor shall audit all of the
following as major programs:
(1) All Type A programs, except the auditor may exclude any Type
A programs identified as low-risk under Step 2 (paragraph (c)(1) of this
section).
(2) (i) High-risk Type B programs as identified under either of the
following two options:
(A) Option 1. At least one half of the Type B programs identified
as high-risk under Step 3 (paragraph (d) of this section), except this
paragraph (e)(2)(i)(A) does not require the auditor to audit more high-risk
Type B programs than the number of low-risk Type A programs identified
as low-risk under Step 2.
(B) Option 2. One high-risk Type B program for each Type A
program identified as low-risk under Step 2.
(ii) When identifying which high-risk Type B programs to audit as
major under either Option 1 or 2 in paragraph (e)(2)(i)(A) or (B), the
auditor is encouraged to use an approach which provides an opportunity
for different high-risk Type B programs to be audited as major over a period
of time.
(3) Such additional programs as may be necessary to comply with the
percentage of coverage rule discussed in paragraph (f) of this section.
This paragraph (e)(3) may require the auditor to audit more programs as
major than the number of Type A programs.
(f) Percentage of coverage rule. The auditor shall audit as
major programs Federal programs with Federal awards expended that, in the
aggregate, encompass at least 50 percent of total Federal awards expended.
If the auditee meets the criteria in §___.530 for a low-risk auditee,
the auditor need only audit as major programs Federal programs with Federal
awards expended that, in the aggregate, encompass at least 25 percent of
total Federal awards expended.
(g) Documentation of risk. The auditor shall document in the
working papers the risk analysis process used in determining major programs.
(h) Auditor's judgment. When the major program determination
was performed and documented in accordance with this part, the auditor's
judgment in applying the risk-based approach to determine major programs
shall be presumed correct. Challenges by Federal agencies and pass-through
entities shall only be for clearly improper use of the guidance in this
part. However, Federal agencies and pass-through entities may provide auditors
guidance about the risk of a particular Federal program and the auditor
shall consider this guidance in determining major programs in audits not
yet completed.
(i) Deviation from use of risk criteria. For first-year audits,
the auditor may elect to determine major programs as all Type A programs
plus any Type B programs as necessary to meet the percentage of coverage
rule discussed in paragraph (f) of this section. Under this option, the
auditor would not be required to perform the procedures discussed in paragraphs
(c), (d), and (e) of this section.
(1) A first-year audit is the first year the entity is audited under
this part or the first year of a change of auditors.
(2) To ensure that a frequent change of auditors would not preclude
audit of high-risk Type B programs, this election for first-year audits
may not be used by an auditee more than once in every three years.
§___.525 Criteria for Federal program risk.
(a) General. The auditor's determination should be based on
an overall evaluation of the risk of noncompliance occurring which could
be material to the Federal program. The auditor shall use auditor judgment
and consider criteria, such as described in paragraphs (b), (c), and (d)
of this section, to identify risk in Federal programs. Also, as part of
the risk analysis, the auditor may wish to discuss a particular Federal
program with auditee management and the Federal agency or pass-through
entity.
(b) Current and prior audit experience. (1) Weaknesses in
internal control over Federal programs would indicate higher risk. Consideration
should be given to the control environment over Federal programs and such
factors as the expectation of management's adherence to applicable laws
and regulations and the provisions of contracts and grant agreements and
the competence and experience of personnel who administer the Federal programs.
(i) A Federal program administered under multiple internal control
structures may have higher risk. When assessing risk in a large single
audit, the auditor shall consider whether weaknesses are isolated in a
single operating unit (e.g., one college campus) or pervasive throughout
the entity.
(ii) When significant parts of a Federal program are passed through
to subrecipients, a weak system for monitoring subrecipients would indicate
higher risk.
(iii) The extent to which computer processing is used to administer
Federal programs, as well as the complexity of that processing, should
be considered by the auditor in assessing risk. New and recently modified
computer systems may also indicate risk.
(2) Prior audit findings would indicate higher risk, particularly
when the situations identified in the audit findings could have a significant
impact on a Federal program or have not been corrected.
(3) Federal programs not recently audited as major programs may be
of higher risk than Federal programs recently audited as major programs
without audit findings.
(c) Oversight exercised by Federal agencies and pass-through entities.
(1) Oversight exercised by Federal agencies or pass-through entities could
indicate risk. For example, recent monitoring or other reviews performed
by an oversight entity which disclosed no significant problems would indicate
lower risk. However, monitoring which disclosed significant problems would
indicate higher risk.
(2) Federal agencies, with the concurrence of OMB, may identify Federal
programs which are higher risk. OMB plans to provide this identification
in the compliance supplement.
(d) Inherent risk of the Federal program. (1) The nature of
a Federal program may indicate risk. Consideration should be given to the
complexity of the program and the extent to which the Federal program contracts
for goods and services. For example, Federal programs that disburse funds
through third party contracts or have eligibility criteria may be of higher
risk. Federal programs primarily involving staff payroll costs may have
a high-risk for time and effort reporting, but otherwise be at low-risk.
(2) The phase of a Federal program in its life cycle at the Federal
agency may indicate risk. For example, a new Federal program with new or
interim regulations may have higher risk than an established program with
time-tested regulations. Also, significant changes in Federal programs,
laws, regulations, or the provisions of contracts or grant agreements may
increase risk.
(3) The phase of a Federal program in its life cycle at the auditee
may indicate risk. For example, during the first and last years that an
auditee participates in a Federal program, the risk may be higher due to
start-up or closeout of program activities and staff.
(4) Type B programs with larger Federal awards expended would be
of higher risk than programs with substantially smaller Federal awards
expended.
§___.530 Criteria for a low-risk auditee.
An auditee which meets all of the following conditions for each of
the preceding two years (or, in the case of biennial audits, preceding
two audit periods) shall qualify as a low-risk auditee and be eligible
for reduced audit coverage in accordance with §___.520:
(a) Single audits were performed on an annual basis in accordance
with the provisions of this part. A non-Federal entity that has biennial
audits does not qualify as a low-risk auditee, unless agreed to in advance
by the cognizant or oversight agency for audit.
(b) The auditor's opinions on the financial statements and the schedule
of expenditures of Federal awards were unqualified. However, the cognizant
or oversight agency for audit may judge that an opinion qualification does
not affect the management of Federal awards and provide a waiver.
(c) There were no deficiencies in internal control which were identified
as material weaknesses under the requirements of GAGAS. However, the cognizant
or oversight agency for audit may judge that any identified material weaknesses
do not affect the management of Federal awards and provide a waiver.
(d) None of the Federal programs had audit findings from any of the
following in either of the preceding two years (or, in the case of biennial
audits, preceding two audit periods) in which they were classified as Type
A programs:
(1) Internal control deficiencies which were identified as material
weaknesses;
(2) Noncompliance with the provisions of laws, regulations, contracts,
or grant agreements which have a material effect on the Type A program;
or(3) Known or likely questioned costs that exceed five percent of the
total Federal awards expended for a Type A program during the year.
Appendix A to Part __ - Data Collection Form (Form SF-SAC)
[insert SF-SAC after finalized]
Appendix B to Part __ - Circular A-133 Compliance Supplement
Note: Provisional OMB Circular A-133 Compliance Supplement is available
from the Office of Administration, Publications Office, room 2200, New
Executive Office Building, Washington, DC 20503.
Billing Code 3110-01-P