The 2022 Compliance Supplement: Here’s what you need to know

First, revisit the OMB technical update 

Before digging into the 2022 Compliance Supplement, make sure you’re familiar with the OMB technical update that was issued and became effective on April 8, 2022. (It’s still applicable in the 2022 Compliance Supplement.) The update affects two programs included in the 2021 Compliance Supplement (issued on Aug. 13, 2021) and Addendum 1 (issued on Dec. 3, 2021). They are the Provider Relief Fund (PRF) – 93.498 and Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) – 21.027, and they apply to fiscal year audits beginning after June 30, 2020.

The 93.498 update removed the need for auditors to test compliance with Special Test and Provisions: Out-of-Network Expenses. HHS determined that the review requirements are no longer meaningful and applicable to the oversight of the program.

The 21.027 update provided an alternative audit approach for eligible CSLFRF recipients that wouldn’t otherwise be required to have a single audit as required by 2 CFR 200, subpart F, if it was not for the CSLFRF funds directly awarded by the U.S. Department of Treasury (Treasury). However, as a CSLFRF recipient, the organization may still elect a single audit or a program-specific audit under 2 CFR 200 subpart F. To qualify for this alternative, the following criteria must be met:

• The recipient’s total CSLFRF award received directly from the Treasury or received (through states) as a non-entitlement unit of local government is at or below $10 million; and
• Other federal awards expended (not including the CSLFRF award) are less than $750,000 during the recipient’s fiscal year.

Refer to the Compliance Supplement for full details.

Key takeaways from the 2022 Compliance Supplement

Programs with higher risk designation

In 2022 the OMB continues to designate certain programs — in addition to the Medicaid Cluster — as higher risk due to additional risk associated with certain COVID-19 funding. These programs are shown below.

The OMB continues to designate certain programs — in addition to the Medicaid Cluster — as higher risk due to additional risk associated with certain COVID-19 funding.

Note that a higher-risk program will often result in a Type A program/cluster being audited as a major program. However, the OMB specified that an auditor is not precluded from determining that a higher risk Type A program/cluster qualifies as a low-risk Type A program if the following criteria are met:

• The program otherwise meets the criteria for a low-risk Type A program in section 200.518 of the Uniform Guidance; and
• The percentage of COVID-19 funding in the program/cluster during the entity’s fiscal year is not material to the program/cluster as a whole.

What are the implications of higher risk designations on Type B programs? Auditors are not required to prioritize the assessment of risk for higher risk Type B programs/clusters over other type B programs/clusters. However, auditors must consider the “higher risk” designation along with the other factors of risk assessment included in section 200.519 of Uniform Guidance when assessing Type B programs/clusters. So, it’s important to remember that these other factors do exist, and auditors must consider them when determining major programs. An increased number of programs/clusters designated as higher risk will likely result in a substantial increase in the number of major programs.

An increased number of programs/clusters designated as higher risk will likely result in a substantial increase in the number of major programs.

Agency guidance for COVID-19 programs

The COVID-19 pandemic has led many federal agencies to issue implementing guidance outside the normal regulatory process for new and existing programs receiving COVID-19 funding. The guidance is issued to communicate the relevant rules and regulations and provide clarification, but it does not create new compliance requirements. Review the guidance to understand the compliance delegated with these funds. And remember — documentation is key! It’s imperative that your organization documents all decisions — including any guidance used — to support compliance with the terms and conditions of awards.

Identification of COVID-19 related awards and compliance requirements

Similar to the prior two years, the OMB continues to instruct both recipients and subrecipients to separately identify COVID-19 expenditures on the Schedule of Expenditures and Federal Awards and Data Collection Form. This may be accomplished by identifying COVID-19 expenditures on a separate line by ALN with “COVID-19” as a prefix to the program name and “COVID-19” on the DCF specifically as the first characters in Part II, Item 1c, Additional Award Information.

You should be able to identify which awards received by the organization were specific to COVID-19. To assist, federal awarding agencies are responsible for identifying COVID-19 related awards and communicating the applicable compliance requirements to the recipient. Similarly, pass-through entities are responsible for identifying COVID-19 related awards and communicating the applicable requirements to their subrecipients. This information is needed to allow the pass-through entity to monitor subrecipient expenditures of COVID-19 funds properly, and to support oversight by the federal awarding agencies, Federal Offices of Inspector General, and the Government Accountability Office.

Detailed listing of changes

As a reminder, Appendix V, Lists of Changes for the 2022 Compliance Supplement, provides an overview of the detailed changes by Assistance Listing number. This section should be reviewed thoroughly.

Future addendums

The OMB has indicated that there will not be an addendum to the 2022 Compliance Supplement. Any programs established by the Infrastructure Investment and Jobs Act will be included in the 2023 Compliance Supplement.

The OMB has indicated that there will not be an addendum to the 2022 Compliance Supplement.

Single audit due dates

Organizations are required to electronically submit to the FAC the data collection form and the reporting package, including the auditor’s reports, within the earlier of 30 days after receipt of the auditor’s reports or nine months after the end of the audit period. Unlike prior years, there were no single audit extensions granted. The time to begin preparing for your 2022 single audits is now.

Federal Audit Clearinghouse (FAC) transition from Census to GSA

According to the 2022 Compliance Supplement, the provider of the FAC was to transition from Census to the General Services Administration on Oct. 1, 2022. However, it was recently announced this transition has been delayed by one year to accommodate further testing. As a result, Census will continue receiving audits with a fiscal period ending in 2022 (or earlier). It’s not yet clear when the FAC will begin receiving 2022 single audits. Will a single audit be deemed late based on the requirement noted above? The short answer is no; in the 2022 Compliance Supplement the OMB stated that if it were not possible to meet the 30-day aspect of the requirement due to the timing of the opening of the GSA FAC, an audit will not be considered late if it is submitted within nine months after the end of the audit period. We continue to monitor the transition process and will provide an update as we learn more.

As you prepare for your single audit and navigate the complexities of your federal funding, we’re here and ready to help. Don’t hesitate to reach out.