Login

The OMB Compliance Supplement - Your New Best Friend

  • Bob Hollowell

If you've been awarded a Federal grant, you probably know you are required to comply with the Uniform Guidance published as Title 2 of the Code of Federal Regulations. This should be stated in your terms and conditions. And you probably also know that if you expend over $750K in Federal funds during your fiscal year, you are subject to a Single audit that will test your compliance with the Uniform Guidance and other requirements imposed on your grant. But did you know the Office of Management and Budget publishes a Compliance Supplement each year that could help you prepare for your Single audit?

That's right. But what is a compliance supplement?

The compliance supplement is a document that compiles existing compliance requirements from the Uniform Guidance (2 CFR 200) for auditors and recipients to determine which compliance requirements are important to the Federal government and could have both a direct and material effect on a program. In simple terms, it shows the auditors what to look at when auditing grants under certain programs. It also guides recipients on how to design internal controls to ensure compliance with Federal regulations and requirements under grants.

The compliance supplement is divided into multiple parts:

  • Part 1: Has the table of contents and provides the background, purpose and applicability of the compliance supplement.

  • Part 2: Provides a matrix of compliance requirements for all programs addressed in the compliance supplement. The matrix shows a "Y" (Yes) and "N" (No) to indicate if a compliance requirement is subject to audit during the Single audit. There are 12 compliance requirements listed in the matrix and addressed throughout this and other parts of the compliance supplement. These are:

    • Activities Allowed or Unallowed

    • Allowable Costs/Cost Principles

    • Cash Management

    • Eligibility

    • Equipment and Real Property Management

    • Matching, Level of Effort, Earmarking

    • Period of Performance

    • Procurement and Suspension & Debarment

    • Program Income

    • Reporting

    • Subrecipient Monitoring

    • Special Tests and Provisions

Note: Missing from this list are Davis-Bacon and Related Acts (DBRA) and Build America Buy American Act (BABAA) requirements which may apply to your grant.

  • Part 3: Provide auditors with the audit objectives and suggested audit procedures for the Single audit. For example, auditors are provided a table of costs that shows if they are allowable or not and if prior approval is required.

  • Part 4: Is a multi-part document with documents published for each of the Federal departments such as the Department of Energy (DOE). These parts provide additional information specific to a department's programs. For example, the DOE provides references to program information for the State Energy Program where grants are awarded to state governments who manage the SEP and issue subawards for programs such as vehicle electrification. The DOE Part 4 list the compliance areas an auditor is required to test when auditing a grant awarded under the SEP program.

  • Part 5: This part is similar to Part 4 but compiles programs into clusters or groupings of grants. Using the example from before, the DOE awards Research and Development (R&D) grants. Other Federal agencies award R&D grants as well. For this reason, R&D is a cluster listed in Part 5. It is not listed in Part 4 for the DOE.

  • Part 6: This part is focused on internal controls or internal controls over compliance. As a recipient you are required to establish and maintain internal control over your Federal awards to provide a reasonable assurance you are managing the award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. This part provides guidance on design and implementation of internal controls both across the organization and specific compliance requirements such as procurement.

  • Part 7: Provides the auditors with guidance on programs not listed in Parts 4 and 5 of the compliance supplement. Keeping with the DOE example, the DOE awards grants for grid integration which are not listed in parts 2, 4 or 5. The auditor must refer to Part 7 to determine which compliance requirements must be tested during the Single audit.

  • Part 8: This part lists programs that are excluded from certain parts of the Uniform Guidance. For example, the Low-Income Home Energy Assistance program is excluded from the Post Federal Award Requirements in the Uniform Guidance.

The compliance supplement is usually around two-thousand pages. Pretty daunting. But if you know the parts of the supplement and what's in each part, you can narrow the focus of your annual review considerably. Generally, reviewing the annual compliance supplement should not take more than a few hours, unless your organization has a broad range of grants across multiple agencies and programs. If you have never reviewed the compliance supplement or have concerns about the design and implementation of your internal controls, you may want to do a deep dive into this document as an assessment of your audit risk. This will not only prepare you for your Single audit but may provide insight into compliance areas that need attention before the auditors arrive.

Now that you know the what, let's talk about the why. The compliance supplement is helpful for knowing what will be audited, how the auditors will conduct their audit, and what internal controls you should have in place.

If an auditor finds that your internal controls are likely to be ineffective in preventing and detecting noncompliance, they are required to report a significant deficiency or material weakness, assess control risk at the maximum, and consider whether additional compliance tests are required. In short, this is where you have finding(s) that require management response, potentially additional oversight by the awarding agency, and the possibility of questioned costs that may require refund to the Awarding agency. Worst case, this could lead to termination of your award and may prevent your organization from receiving future grants.

To help you with your compliance supplement review I provide two documents inside our subscription area:

  1. My OMB Compliance Supplement Controls Guideline. This was prepared based on several extensive reviews of internal controls starting and includes example controls.

  2. My example review of the compliance supplement for some specific programs.

Click HERE to access these documents. Look for the same title as this article.

Let's summarize the compliance supplement like this. It's like taking an open book test. You should never fail an open book test. Right? Well, this is the open book. The compliance supplement provides you with the answers to the test. Or at least tells you what compliance areas will be audited, how they will be tested and what controls you should have in place to be successful.

The information contained in this article serves as a guideline to understand the Code of Federal Regulations (CFR). This article interprets and summarizes requirements from Federal codes and other sources and provides an unqualified opinion as to the nature and application of these regulations. The reader must understand that the full text and context of the CFR and other regulations and requirements must be referenced and applied to applicable and appropriate situations for compliance. A legal professional should also be consulted to ensure accurate interpretation and application of requirements under the CFR, award terms and conditions, and any other applicable regulations.