Uniform Grant Guidance (UGG) – Are you “best in class”?
The administrative requirements and costs principles of the Uniform Grant Guidance (UGG) became effective on December 26, 2014, for all new awards and additional funding increments to streamline and consolidate grant guidance previously contained in eight documents. The standards set forth for the audit requirements are effective for audits of fiscal years beginning on and after January 1, 2015; the first single audit affected by the audit requirements will be for the year ended December 31, 2015. The changes impact all entities receiving and administering federal awards, as well as auditors responsible for auditing compliance of the federal awards.
It’s been almost a year since the administrative requirements and cost principles of UGG became effective; you may be wondering how your organization is doing with its implementation. For some of you, you haven’t yet been through an audit under the new UGG standards. To give you a sense of what we think some of the “best in class” organizations are doing to prepare for this implementation and to help you prepare for the questions your auditors might be asking in the future, we’ve compiled a Q&A section. The questions below may represent questions your audit firm may ask in relation to your UGG compliance; the answers are what might be the “best in class” responses. Wherever you are in your implementation process, we hope you might learn something by comparing what your responses might be to the ones provided below. Throughout the Q&A, we will provide guidance points that emphasize key provisions of UGG and the implementation process.
Q1. Who within your organization has overall responsibility for UGG implementation?
A1. The organization has assigned a person (or persons, based on the size of the organization) who is responsible for UGG implementation. The responsible party has thoroughly read 2 CFR 200, attended various trainings, is familiar with the various tools created by OMB and COFAR to facilitate and analyze the changes, and has properly communicated the changes throughout the organization. Our implementation team includes representatives from operations, finance, and grants. The diversification of the team has helped us understand how the change will impact other areas of the organization.
Q2. When do you expect the first award to require UGG compliance?
A2: The implementation team has created a timeline that indicates when grants are required to comply with UGG implementation, based on the federal award date and our understanding of the effective dates. Additionally, the team or its designee reviews all new grant agreements to determine whether UGG is applicable or not. Based on the staggered implementation, the organization has decided to implement certain UGG changes entitywide, including time and effort reporting and procurement.
Guidance Point: UGG is applicable for all new awards and additional funding increments received on or after December 26, 2014. Some organizations may not be required to implement for another several years, while others may be required to implement more quickly, based on the grant award dates. Based on the OMB FAQ updated September 2015, non-federal entities with both old and new awards may make changes to their entitywide policies (for example, payroll or procurement systems). While these changes would impact their older/existing awards, non-federal entities wishing to make these entitywide changes to comply with UGG will not be penalized for doing so.
Q3. Which administrative requirements will require changes by the organization?
A3: There’s a lot, but let’s just talk about some of the most significant administrative requirements: internal controls, subawards including subrecipient monitoring, procurements, and conflict of interest policy.
Internal Controls: With the renewed focus on internal controls, we reviewed our internal controls structure in light of the COSO framework, Green Book, and Part 3.2 of the compliance supplement. Our review focused on whether our internal controls framework was effective at 1) evaluating and monitoring compliance, 2) taking prompt action on audit findings, and 3) safeguarding protected personally identifiable or sensitive information. Based on the results we decided which internal controls required modifications.
Subawards: The implementation team determined which grants have subawards. Afterwards, a three-step process began, which included:
- Determining whether a subrecipient or contractor relationship exists. Determination about whether an organization is a subrecipient or contractor can often times require judgment. The implementation team utilizes the guidance at §200.330 to evaluate the facts and evidence in each agreement to determine the relationship.
- Rewriting all subrecipient agreements. The implementation team is responsible for ensuring that all subrecipient agreements include the 15 required data elements. We reviewed §200.331 for an all-inclusive list of the elements.
- Reviewing our subrecipient monitoring procedures. The implementation team is responsible for ensuring that subrecipient risk assessments are performed, and for ensuring that subrecipient monitoring occurs based on the risk assessment of each subrecipient. Monitoring results will dictate whether there is additional work to perform. We recognize that not every subrecipient requires or should require the same level of attention; the risk-based approach allows us to focus our attention where there is greater risk of noncompliance.
Guidance Point: The primary focus of the monitoring procedures are to ensure the federal program is operating as expected, services and costs are allowable, and any compliance issues and risks are mitigated.
Procurement: The implementation team reviewed the organization’s current procurement policy to verify it was consistent with §200.317 through §200.326. These sections describe the applicable procurement standards, the methods of procurement that are allowed, and include details of specific items that must be included within contracts under federal awards. Guidance Point: The wording in the final standards comes primarily from the original Circular A-102, with some modifications. Therefore, organizations previously not subject to Circular A-102, i.e., organizations other than state and local governments, should pay particular attention to this section. The five procurement methods are outlined in §200.320. Because of the numerous comments received, an OPTIONAL full two fiscal year extension was granted for implementation of just the procurement standards (e.g., a June 30 year end is required to implement for the year ending June 30, 2017). Organizations have the luxury of taking an additional two years before full compliance with the procurement standards is required. In the meantime, organizations must maintain written documentation about whether they have chosen to comply with the new procurement standards or are opting for the extension. Don’t forget … the organization must maintain records to sufficiently document its procurement, including the rationale for the method of procurement; the selection of contract type, contractor selection, or rejection; and basis for the contract price.
Policies: We recently revisited our conflict of interest policy to ensure compliance with §200.318. We recognize that there are two types of conflict of interest policies: employee conflict of interest and organizational conflict of interest. We maintain written standards of conduct covering conflicts of interest and governing performance of our employees engaged in the selection, award, and administration of grants. Since we do not have a parent, affiliate, or subsidiary that is not a state or local government, or Indian tribe, we aren’t subject to the organizational conflict of interest policy.
Q4. Which cost principles will require changes by your organization?
A4: Let’s talk about the biggest changes for us: time and effort reporting, indirect costs, and required certifications.
Time and Effort Reporting: Based on the final guidance specific to time and effort reporting, we are required to comply with a stringent framework of internal control objectives. Documenting and substantiating employee compensation are perhaps two of the most significant changes we contemplated. The shift from a rules-based approach that required employee activity reports to standards that are much more principles-focused gave us greater flexibility. However, we were cautious. We made the following modifications to our time and effort documentation methodology: 1) For employees charged 100 percent to a grant, we concluded monthly certifications of an employee’s time and effort, signed by the employee and direct supervisor, eliminated the need for supplemental activity reports. 2) For employees partially funded by a grant, we concluded to initially charge time and effort based on budget estimates. However, employees will still be required to complete activity reports that are consistent with the payroll period. On a monthly basis, we will prepare a reconciliation to determine the budget to actual variance. Variances that exceed 2 percent will require an adjustment. If the variance is less than or equal to 2 percent, we believe the budget estimate was a reasonable approximation of charges that are accurate, allowable, and properly allocated. Before we concluded on the above modifications, we presented our documentation methodology to our awarding agencies to ensure concurrence.
Indirect Costs: In the past, our organization never received a negotiated indirect cost rate. We considered whether to apply for a negotiated rate and decided, based on the cost benefit, to use the 10 percent de minimus rate instead. Our grant did allow for the charging of indirect costs. This de minimum rate is applied across all grants for which indirect costs are charged and will be used indefinitely. We recognize that had we had a negotiated rate and the rate was lower (or higher), the new 10 percent de minimus would not have been an option available to us.
Certifications: We revisited who within the organization should be responsible for certifying annual and final fiscal reports or vouchers, cost allocation plans, indirect cost rate proposals, and certifications of nonprofit organizations that do not meet the definition of a “major corporation.” We ensured for each certification that we were following the related requirements laid out in the cost principles.
Guidance Point: A major corporation is defined by OMB as those with more than $10 million in direct federal funding.
Q5: Are there any other things you did that helped you successfully implement these new rules?
A5: Throughout the implementation process we found it necessary and helpful to have discussions with our awarding agencies; there were many provisions that required additional guidance. Additionally, we referenced and continue to reference the Plante Moran OMB Grants Reform Guidebook.
Closing Thoughts… Best in Class:
We hope this Q&A helped you to assess your UGG implementation process. This article is only intended to provide general guidance and perhaps provoke further considerations as organization seeks to understand the UGG policy changes. Plante Moran’s deep bench of compliance specialists has closely analyzed all aspects of the new grant guidance. We welcome your questions.