Meeting the Single Audit Act Requirements

A single audit is an organization-wide examination required for entities that expend significant federal funds. Its function is to assure the U.S. government that an organization is using federal financial assistance according to program requirements. This audit is not just a financial review; it also scrutinizes compliance with the specific rules tied to the federal money received.

The framework for this process is established by the Single Audit Act and detailed in the Office of Management and Budget’s (OMB) Uniform Guidance. These regulations create a standardized audit approach, allowing one audit to satisfy the requirements of multiple federal agencies. This consolidated method is a more efficient use of audit resources for both the government and non-federal entities, such as state and local governments, nonprofits, and educational institutions.

Determining if a Single Audit is Required

The need for a single audit is determined by the amount of federal funds an organization expends during its fiscal year. An audit is mandated for any non-federal entity that expends $1,000,000 or more in federal awards. This threshold is based on the total expenditures across all federal programs for the entity’s fiscal year, not on a per-grant basis.

Calculating this total requires understanding what constitutes a “federal award” and what it means to “expend” funds. Federal awards are not limited to cash grants and include assistance like contracts, loans, loan guarantees, property, and interest subsidies. The calculation must also include pass-through funding, which is federal money received from an intermediary entity, like a state agency, rather than directly from the federal government.

The calculation is based on when funds are spent, not when they are received. For example, expenditures for grant-funded projects are counted as they are incurred. For federal loans, the value of new loans made during the year and the balance of prior loans with continuing compliance requirements are included. This focus on expenditure activity means an organization might require a single audit in one year but not the next.

Preparing for the Single Audit

Thorough preparation is needed for an efficient single audit, and the auditee’s primary responsibility is preparing the Schedule of Expenditures of Federal Awards (SEFA). This schedule is a detailed document prepared by the organization that is foundational to the audit. An accurate and complete SEFA is important, as errors or omissions can lead to inefficiencies and potential restatements.

The SEFA must list all federal awards expended during the fiscal year, organized by the federal agency that provided the funds. For each award, the schedule must include the Assistance Listing Number (ALN), the name of the program, and the total expenditure amount. If funding was received through a pass-through entity, the SEFA must identify that entity and its specific award number.

Beyond the SEFA, the organization must prepare its complete financial statements and gather all supporting documentation. This includes grant agreements, contracts, and correspondence from funding entities. Auditees must also organize evidence for expenditures, such as invoices and payroll records, for auditor review.

The auditee must also document its internal controls over federal programs, which are the policies and procedures ensuring compliance with grant requirements. If an organization cannot prepare an accurate SEFA, it can indicate a reportable internal control weakness. The review of the SEFA by someone not involved in its preparation is a recommended control to ensure accuracy.

The Audit Process and Compliance Testing

The single audit has two components: an audit of the entity’s financial statements and a detailed audit of its federal awards. A defining feature is the auditor’s risk-based approach to selecting which federal programs receive intensive testing. These “major programs” are determined through a multi-step process in the Uniform Guidance that considers program size and risk.

First, the auditor categorizes all federal programs as either Type A (larger programs) or Type B (smaller programs) based on dollar thresholds. The auditor then assesses the risk of all Type A programs, designating them as “low-risk” or “high-risk.” High-risk Type A programs must be audited as major programs. Following this, the auditor identifies high-risk Type B programs using professional judgment and factors like program complexity and prior audit findings.

For each major program, the auditor performs compliance testing based on the OMB Compliance Supplement, which specifies the compliance areas to test. Common areas include:

• Activities Allowed or Unallowed
• Allowable Costs/Cost Principles
• Period of Performance, ensuring funds were used within the specified timeframe
• Reporting, which examines the timeliness and accuracy of required reports
• Subrecipient Monitoring, which assesses oversight of funds passed to other organizations

The auditor must also test the internal controls the entity has implemented to ensure its own compliance with these requirements.

The Single Audit Reporting Package

The final step of the audit is creating the reporting package, and the auditee is responsible for assembling this collection of documents for submission. The package provides a complete picture of the audit’s scope and results and includes several components.

The required documents in the reporting package are:

• The entity’s complete financial statements and the auditor’s opinion on them
• The Schedule of Expenditures of Federal Awards (SEFA)
• An auditor’s report on internal control over financial reporting and on compliance
• An auditor’s report on compliance for each major program and on internal control over compliance
• The Schedule of Findings and Questioned Costs, which details any non-compliance or internal control issues
• A corrective action plan, if findings were identified, outlining steps to fix the problems
• A summary schedule of prior audit findings, reporting the status of previous corrective actions

Submitting the Audit and Post-Audit Responsibilities

The auditee is responsible for the timely submission of the completed reporting package. The package must be submitted electronically to the Federal Audit Clearinghouse (FAC), the central repository for single audit reports designated by the OMB. Submissions are made through the FAC’s online portal.

The submission deadline is the earlier of 30 calendar days after receiving the auditor’s report or nine months after the end of the entity’s fiscal year. Meeting this deadline is a condition of receiving federal funding. The submission process requires filling out webforms and uploading a text-searchable PDF of the reporting package.

After the submission, both the auditor and the auditee must certify the filing within the FAC system. If the audit resulted in findings, the organization must implement its corrective action plan, and federal agencies will follow up to ensure deficiencies are resolved. The auditee must retain all audit documentation for three years from the submission date to make it available for any subsequent reviews.