Printer Friendly

Auditing federal awards: a new approach.

On July 5, 1996, President Clinton signed into law the Single Audit Act Amendments of 1996, legislation that significantly changes and improves the auditing of federal awards received by states, local governments and not-for-profit entities. The act is the culmination of assessments by the General Accounting Office (GAO) and the President's Council on Integrity and Efficiency (PCIE) of the effectiveness of the Single Audit Act of 1984.

This article discusses the new provisions of the single audit process in the act and under Office of Management and Budget (OMB) requirements in Circular A-133, Audits of Institutions of Higher Education and Other Non-Profit Institutions, and how they have changed the way federal grants will be audited. OMB is revising circular A-133 to apply to audits of states, local governments and not-for-profit institutions. When the revisions are final, the OMB will rescind Circular A-128, Audits of State and Local Governments. Both the OMB changes and the act are effective for years beginning after June 30, 1996. Exhibits 1 and 2, page 55, summarize the major changes to the single audit process.


The new law extends audit requirements to not-for-profit organizations, including colleges and universities. It requires an entity that spends $300,000 or more in federal awards to have either a single audit or a program-specific audit and exempts any entity that spends less than $300,000 in federal awards, grants or funds. This provision significantly reduces the audit burden on the management of smaller entities by increasing to $300,000 from $25,000 the threshold that triggers the federal audit requirements. It also bases the monetary threshold on expenditures rather than receipts.

More choices for management. The act gives managements of not-for-profit entities the flexibility of choosing what will be covered by a single audit. Management may elect to have a single audit covering its operations as a whole or a series of audits of the parts of the entity to which the federal awards were applied. Regardless of the choice, the financial statements and schedule of expenditures of the federal funds must be included in the audit.

One of the more common problems under the 1984 act was determining whether amounts received from the federal government were "assistance" (subjecting the entity to the federal audit requirements) or "payments" for services rendered as a vendor. When it is revised, circular A-133 will provide guidance for managers who must make this determination. In the past, no guidance was provided.

A single versus a program-specific audit. An entity must have a single audit for a fiscal year in which it spends funds from more than one federal program. The entity's management can choose to have a program-specific audit for a fiscal year in which it uses funds from only one federal program. Both auditors and management must understand how a federal program is defined under the 1996 act.

Definition of federal program. The new definition of a federal program includes programs that share compliance requirements--referred to as "clusters of programs." Auditors will no longer look at programs and awards with similar requirements individually; rather, clusters of programs will be viewed as one. Through clustering, programs that were not defined as major under the 1984 act and, therefore, not subject to compliance testing now have a higher probability of being selected as major programs, discussed below.


Auditors, who must determine what federal programs are "major" programs, will have to comply with a new rule that mandates the amount of federal expenditures covered under a single audit. In addition, the new requirements expand the auditor's responsibilities in the areas of internal controls and the follow-up on management actions to address prior audit findings.

Determination of major programs. The process of determining what makes a major program has changed significantly. The 1996 act defines a major program as one meeting OMB's risk-based criteria. Before 1996, a major program was defined solely in monetary terms. Also, there is a new cap on the number of programs that can be considered major. The auditor does not have to select more major programs than he or she would have selected using the monetary criteria in the 1984 act.

The OMB prescribed a four-step process to guide auditors in identifying major programs. The criteria to determine risk include an entity's current and prior audit results with federal programs, results of recent oversight visits by federal agencies or pass-through entities and the inherent risk of the program.

The four-step process consists of identifying (1) programs that meet a stated dollar threshold, referred to as type A programs; (2) type A programs that are low risk; (3) high-risk type B programs (type B programs are all programs that fall below the monetary threshold for a type A program) and (4) the following as major programs subject to audit:

* Type A programs not considered low risk.

* At least one-half of the high-risk type B programs. The new cap on major programs will keep the auditor from auditing more high-risk type B programs than low-risk type A programs unless it is necessary to meet the requirements of the percentage-of-coverage rule, discussed below.

* Additional programs required under the percentage-of-coverage rule.

Percentage-of-coverage rule. The auditor must select and test major programs that cover 50% of federal expenditures. For the first time, the auditor should use the percentage-of-coverage rule to determine the minimum number of major programs for compliance and controls testing. Previously, this rule applied only to testing internal controls.

If an auditor determines an entity to be low risk, he or she can reduce the scope of the entity's audit--the percentage of federal expenditures covered can be reduced from 50% to 25% if the entity meets certain criteria, such as an unqualified opinion on the financial statements and no material audit findings for the preceding two years.

Testing internal controls. In the past, the extent of internal control work was unclear. Now, the federal government expects auditors to do specific internal control testing. Under OMB's revised single audit requirements, the auditor is responsible for understanding internal controls over major programs, testing those controls and reporting the results of their tests.

Status of management's actions. Auditors now must assess the newly required summary schedule of prior audit findings. This schedule, which management must prepare, and the auditor's assessment are critical to evaluating the management of federal programs.

Program-specific audits. The 1996 act does not address program-specific audits in any detail; however, the OMB requirements provide extensive discussion of the auditor's responsibilities. Generally, the auditor's responsibilities are the same as they are for major programs under a single audit--that is, the auditor must test internal controls and render an opinion on compliance.


The 1996 act requires auditors to provide a summary of audit results. Under the OMB requirements, auditors must express an opinion on compliance over major programs, issue an internal control report describing the scope of testing and the results of those tests and issue a separate schedule of findings and questioned costs, including an overall summary of audit results.

Schedule of findings and questioned costs and summary of audit results. To meet the act's summary reporting requirement, OMB mandates that the auditor include the summary of audit results as part of the auditor's schedule of findings and questioned costs to improve the usefulness of audit reports.

The auditor must describe the type of report issued on the financial statements, list any material matters of noncompliance related to the financial statements, describe the type of report issued on compliance for major programs and state whether reportable conditions were disclosed. In addition, the summary must show whether the audit disclosed audit findings, including certain specific information on those findings.


The act shortened the time allowed for management to submit its reporting package. Management must now submit the reporting package within 30 days after receiving the auditor's reports or within 9 months after the end of the period audited, whichever is earlier. There is a two-year transition period for meeting the 9-month submission requirement. For audits of fiscal years ending on or before June 30, 1998, the 9-month time frame is extended to 13 months, the maximum time period previously allowed.

The report submissions requirements for the management of federal award recipients and subrecipients also have been significantly modified. Historically, management had to submit reports to the Federal Audit Clearinghouse, to the cognizant audit agency, to the federal funding agencies and to pass-through entities whether or not these reports contained audit findings. Reports issued under the 1996 act will be submitted only to the clearinghouse for subsequent distribution to federal funding agencies and to passthrough entities.

OMB requirements and upcoming revisions to its Compliance Supplement for Single Audits, which will describe the compliance requirements and associated internal controls relating to federal assistance programs, should help both management and auditors understand how to best fulfill their responsibilities.


The act allows the OMB director to extend the single audit process to include performance information. This is an especially important provision given the new federal requirements to define performance goals and measures under the Government Performance and Results Act of 1994 (GPRA).

In addition, the act provides for pilot projects to test alternative methods of achieving the objectives of the single audit process. Several states already have expressed interest in developing alternative approaches. One such approach, which is specifically authorized by the act, is to consider multiple local government entities that operate the same federal programs as a single entity for a single audit. This approach will allow federal and state oversight agencies to more effectively assess program management on a statewide basis while streamlining the audit process.

The changes to the single audit process build on 12 years of experience. Auditors have more freedom to target risky programs and have been relieved of many burdensome and ineffective responsibilities. Implementing guidance being developed by OMB will assist auditors m conducting single and program-specific audits, which are an important accountability tool for the hundreds of billions of federal assistance dollars provided to nonfederal entities.


* ON JULY 5, 1996, THE PRESIDENT SIGNED the Single Audit Act Amendments of 1996. The act extends statutory audit requirements to not-for-profit organizations. OMB is revising OMB circular A-133 to cover all entities covered by the 1996 act and OMB circular A-128. The 1996 act and circular A-133 are effective for years beginning after June 30, 1996.

* THE 1996 ACT REQUIRES AUDITS OF entities spending $300,000 or more in federal assistance funds. Entities spending less are exempt from the act's audit requirements.

* AUDITORS WILL HAVE TO determine major programs, subject to audit, using a risk-based audit approach. OMB has prescribed a four-step risk assessment process for determining major programs.

* THE ACT INCLUDES a new "percentage-of-coverage" rule requiring auditors to select and test major programs that account for 50% of federal expenditures. The percentage of expenditures to be audited is reduced to 25% for low-risk organizations.

* AUDITORS MUST REPORT findings in a separate schedule of findings and questioned costs that includes a summary of audit results.

* THE ACT ALLOWS audits of performance information and experimentation with alternative methods of achieving the objectives of the single audit process.

NORWOOD J. JACKSON, JR., CPA, is deputy controller of the Office of Management and Budget, Office of Federal Financial Management, Washington, D.C. He is a member of the AICPA auditing standards board and the U.S. Comptroller General's Auditing Standards Advisory, Council. JERRY C. SKELLY, CPA, is an assistant director of the Accounting and Information Management Division of the U.S. General Accounting Office, Washington, D.C.

Selecting a Program for Audit

* Under the previous law, approximately 90% of dollars, but only 20% of program were tested.

* Under the new law, all federal programs will be subject to selection for testing.


New Concerns for Independent Auditors:

A Practitioner's Perspective

The Single Audit Act Amendments of 1996 offers both opportunities and challenges to the independent audit community. While in some instances the act and subsequent Office of Management and Budget (OMB) actions have eliminated significant issues with earlier regulations, they also have created potential new liability and implementation concerns for the independent auditor. Nonetheless, eliminating the provisions that were interpreted as requiring disclosure of all findings (regardless of materiality), testing nonmajor program transactions when not part of the 50% criteria rules and the increase in the audit threshold all should have a favorable impact on the performance and effectiveness of the single audit.

The challenge for auditors

The most challenging implementation issue facing the independent auditor is the application of the risk-based approach in selecting major programs. While it is a better means of meeting the original federal objectives of directing audit resources to the greatest risk areas, the approach is complicated and confusing. The auditor will have to apply a program selection process that will stratify the federal programs into type A, type B or certain noncash programs while considering both the risk criteria outlined by the OMB and the auditor's experience and judgment with such an environment. It will be incumbent on the auditor to adequately document the process of risk evaluation and the selection of federal programs for testing. Even though OMB guidance stresses the precedence of the auditor's judgment in this selection process, the federal and state oversight organizations' predisposition to second-guess that judgment will always be a major concern. It is rare that an auditor finds a program manager who believes that the program he or she administers is "low" risk.

The external auditor is required to make the workpapers available to either the federal agency or the General Accounting Office (1) as part of a quality control review, (2) to resolve audit findings or (3) to carry out oversight responsibilities consistent with the act's purposes. Independent auditors are concerned the third requirement is too vague. Such a mandate may increase the liability and cost exposure to the auditor and to the client. Auditors hope the federal agencies are judicious in exercising the authority granted them by Congress in obtaining audit workpapers. The agencies need to fully recognize that such papers may contain trade secrets and confidential commercial and financial information and as such should be treated as confidential under the Federal Information act.

Subrecipients receiving less than $300,000 are no longer subject to single audit requirements. However, the auditor must be cognizant of the recipient's responsibility to monitor the subrecipients' activities to ensure that the federal objectives are fulfilled. Therefore, in some instances the recipient's auditor may have to review the subrecipients' records as a part of obtaining sufficient evidence to support the auditor's reports on compliance and internal controls. With a significant number of entities no longer subject to single audit requirements, auditors with clients that pass through material funding to subrecipients may find it necessary to increase audit procedures or, at the least, reevaluate their audit approach in this area.

The passage of the act and subsequent OMB revisions gives the audit community the chance to reexamine and revise the single audit reports and guidance currently found in several American Institute of CPAs audit guides and statements of position. Because of the encompassing nature of the act, the profession will finally be able to move forward with, if not report simplification, at least consolidation and a real reduction in the number of auditor reports. With all major industries that receive federal awards covered by the act, the profession now will have the opportunity to present all audit guidance in one document, eliminating inconsistencies. The AICPA has assembled a task force to address both audit guidance and auditor reports for single audits of state and local governments and not-for-profit entities, including colleges and universities and health care organizations. As in all major changes, whether the act's objectives are met will be evident only with experience over the next few years. The Single Audit Act of 1984 resulted in significant improvements in the financial management of federal programs; it is expected that, with the new legislation and regulations and their successful application by the audit community, progress will continue.

--George A. Scott, CPA, partner of Deloitte & Touche, LLP, and former chairman of the AICPA government accounting and auditing committee


A State Auditor's Point of View

The California State Auditor's Office has extensive experience working under the guidelines of the single audit legislation. In fact, we have been performing the largest single audit in the nation every year since the early 1980s. Although the Single Audit Act of 1984 was a success, we thought improvements were needed to address changes in the auditing profession and financial management in general. For this reason, we supported the Single Audit Act Amendments of 1996 as it made its legislative journey this past year.

There are four provisions of the 1996 act that significantly affect how we will perform single audits.

* The risk-based approach. The director of the Office of Management and Budget (OMB) will prescribe risk-based program selection criteria to replace the program expenditure method, which we have used as the sole basis of selecting major grants.

* Authorizing pilot projects. The OMB director can authorize alternative methods, which will allow us to test new methods of performance auditing to complement the act's traditional financial and compliance methods.

* Earlier reporting. The new, shorter deadline for audit reports will ensure that our state auditor's office, as well as federal program managers, take corrective action in a timely manner when there is noncompliance with program requirements.

* Raising the audit thresholds. The threshold before an audit is mandated has been raised to $300,000 from $25,000. In California's single audits, the act's new thresholds will result in a reduction in the total number of grants audited, yet we expect to maintain approximately 95% coverage of federal receipts.

We look forward to implementing the act's provisions during our single audit of California's 1996-97 fiscal year. Of particular interest will be identifying some federal programs as high risk that previously were not audited because they were not defined as "major" programs under the 1984 act. These high-risk grants will replace some of the federal programs that have had no material noncompliance or identified reportable conditions in over 10 years. Compliance problems, accountability lapses and control weaknesses are most likely to occur when audits are not used as a year-to-year deterrent. Therefore, we believe that risk-based auditing should produce results.

We will be one of the first states to work with the OMB to identify some areas of the single audit where performance audits may be beneficial. We have issued more than 1,000 performance audits of state and local programs in California since 1969. In tracking these audits, we have generated $12 in savings for every $1 of audit cost. We are convinced that using our performance audit expertise in the federal program will generate savings and improve efficiency and effectiveness.

--Kurt R. Sjoberg, CPA California state auditor

Where to Find Copies

Copies of OMB circular A-133 may be obtained through the Internet at the OMB home page, which is located at http://www. white /WH/EOP/OMB/html/ombhome. html; from the [C]MB fax information line, 202-395-9068, document no. 1133; or by phone at 202-395-7332.

Copies of the Single Audit Act Amendments of t996 may be obtained from the GAO Office of Policy Bulletin Board at 202-512-4286, which also may be reached through the Internet at ( Select the gateway option; GAO's bulletin board is no. 135. Copies also are available on the AICPA fax hotline by dialing 201-938-3787 from a fax machine and selecting document no. 402.
COPYRIGHT 1996 American Institute of CPA's
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1996, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:includes related articles on state auditor and practitioner opinions on Single Audit Act Amendments of 1996
Author:Sjoberg, Kurt R.
Publication:Journal of Accountancy
Date:Nov 1, 1996
Previous Article:Reinventing the CPA.
Next Article:New AICPA audit and accounting guide for NPOs.

Related Articles
Applying the 50% rule in a single audit.
Change the single audit requirements.
Common attributes of quality audits.
Which GAAP should NPOs apply?
Understanding program-specific audits.
Senator introduces bill to improve single audit process.
President signs Single Audit Act of 1996.
Bowsher says goodbye, pleased federal government is more accountable.
Single audit guidance due this spring.
Materiality considerations: audits of government financial statements just got more complex.

Terms of use | Privacy policy | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters