Anticipation Builds for OMB Audit Guidance
For the last few weeks, the first thing I do after making my first cup of coffee is to frantically check the Federal Register. I open my browser, click on the “current issue” link, and hold my breath. Then, as is becoming all too familiar, severe disappointment sets in — there’s nothing new from the Office of Management and Budget (OMB).
OMB is scheduled to release two important documents relating to audits of Federal grants: the 2016 Compliance Supplement and the revised SF-SAC form. The annual compliance supplement is guidance designed to assist auditors conducting single audits and to determine recipient compliance with applicable Federal laws and requirements. The SF-SAC form is the data collection worksheet auditors complete which summarizes audit results.
The three portions of the compliance supplement that will be fascinating to see this year are:
- Part 3 – Compliance Requirements. Last year, Part 3 contained two subparts; Part 3.1 applied to audits for awards issued before December 26, 2014, and Part 3.2, which discussed audit requirements for awards made under 2 CFR 200. I am interested to see what additional guidance OMB provides regarding this bifurcated audit process and if any additional guidance or insight is provided regarding audits under 2 CFR 200.
- Part 6 – Internal Controls. Part 6 is designed to assist auditors test a recipient’s internal controls and can also be used by grant recipients to develop and implement effective control over their Federal awards. 2 CFR 200.303 requires non-federal entities to develop and implement internal controls and suggests the use of either the COSO Internal Control-Integrated Framework or the Standards for Internal Control in the Federal Government, known as the “Green Book.” In 2015, OMB was unable to update Part 6 in a timely manner and removed it from the compliance supplement. According to rumors, the 2016 Compliance Supplement will contain updated internal control guidance.
- Appendix 5 – List of Changes. This appendix provides all updates and revisions from the previous compliance supplement and is first item I review each year.
The SF-SAC form is a required element of the single audit reporting package under 2 CFR200.512(b)(1). OMB is currently revising the form to align the data elements with 2 CFR 200. OMB published a notice and request for comments regarding the new form in the Federal Register on December 9, 2015. On April 22, 2016, OMB published a second notice and request for comments. The proposed SF-SAC can be viewed here.
Without the approved SF-SAC, auditees are unable to submit a single audit reporting package to the Federal Audit Clearinghouse (FAC). As a result of the delayed approval process, OMB has provided an extension for submitting the single audit reporting package until September 19, 2016. This is the second extension OMB has granted. The original extended deadline was July 31, 2016, but OMB recently provided a further extension.
It is important to note that the extension is for submitting the audit, not for conducting the audit. Auditees should also be aware that the extension is for single audits conducted under 2 CFR 200, and A-133 single audits must still be submitted on time through the FAC.
OMB previously announced the 2016 Compliance Supplement would be released in “mid-July” and based on the deadline extension for submitting the audit reporting package to the FAC, the SF-SAC form should be released anytime.
I guess I will enjoy a second cup of coffee and wait for tomorrow’s Federal Register.