Monitoring Subrecipients; Your Responsibility as a Pass-through Entity
- January 26, 2011
- Carol Barnard
- 117 Views
If your organization gets federal grant funding and passes any of that funding through to subrecipients in a second-tier grant manner, then there are certain responsibilities you need to be aware of. Your organization is the “pass-through entity” and the grant you awarded goes to the “subrecipient”. It can get confusing when you are also in receipt of indirect federal funding. A-133 compliance requirements include adequate subrecipient monitoring, findings follow-up procedures, and informing the subrecipient of the federal requirements they are required to adhere to. The original grant agreement may detail particular program requirements or agency specific regulations, but the A-133 compliance requirements will apply even if not listed in detail in your agreement.
Ultimately – the key point to remember is that the granting agency holds you responsible for any of the subrecipient’s activity including but not limited to questioned costs, unallowable expenses, or other compliance violations. These requirements are true whether you have passed funding through to nonprofits or for-profit entities that qualify as a subrecipient as opposed to a vendor.
OMB Circular A-133 places the following responsibilities on you as a pass-through entity:
- Identify federal awards, including originating Agency, CFDA numbers, original award name and number and whether or not the award is Research & Development or American Recovery and Reinvestment Act (ARRA) funding.
- Inform your subrecipients of requirements imposed on them by federal laws, regulations and any particular program requirements or agency specific regulations. Remember that the agency is holding you responsible for your subrecipient.
- Monitor the activities of your subrecipients as necessary to ensure that the funding is used for authorized purposes in compliance with A-133 requirements, pertinent laws, regulations and provisions of the agreement. Performance targets should also be monitored as part of the pass-through entity’s responsibility. This may include requiring regular reports, site visits, regular contact in a manner that achieves “adequate monitoring” to ensure compliance and performance. The consideration of the size and complexity of the program is given.
- Ensure that subrecipients expending $500K or more in federal funding (from ALL sources, not just your organization) have met the audit requirements of Circular A-133 for their fiscal year. The best way to ensure this is to require that the subrecipient submit their audit reports to you annually.
- Issue a management decision on any audit findings and ensure that the subrecipient takes appropriate and timely corrective action. This means your response must be timely as well. In order to know any audit findings, you need to require that your subrecipient submit their audit report and if they are not having an A-133 single audit, then require that they submit any management letter to you as well. As a pass-through entity, you have a responsibility to follow-up on corrective actions. Any inability or unwillingness to correct findings should result in sanctions deemed appropriate by the pass-through entity.
- Consider whether any of the subrecipient’s findings necessitate an adjustment on your organization’s own financial records.
- Require that your subrecipient permits your organization and your auditors to have access to their records and financial statements as necessary for the pass-through entity to comply with Circular A-133.
- Maintain subrecipient report submissions on file for at least 3 years from the date received.
The A-133 AICPA Audit Guide states that “it is more likely that the receipt and review of such audit results is only one tool used by the pass-through entity as part of a comprehensive subrecipient-monitoring process.” It is on the pass-through organization to consider whether receipt and review of the subrecipient’s A-133 audit is sufficient to meet the subrecipient monitoring requirement and documenting that you performed this task adequately. Essentially, your organization needs to do enough to be comfortable being held responsible for all of the subrecipient’s activity.