Demystifying the Single Audit: Chapter 11

The Single Audit Unpacked

David Miller: Alright folks, welcome back to Government & Non-Profit Accounting. I'm David Miller, joined by Maya Collins—how you doin', Maya?

Maya Collins: Hey David! I’m great, super excited about today’s topic because—okay, hear me out—single audits are way cooler than they sound. Seriously.

David Miller: Yeah, absolutely. And I know we say that every week, but trust us—once you get past the jargon, today’s topic has some real impact. So, let’s start with what the heck a Single Audit actually is and why it, uh, even exists. Back before 1984, every federal agency ran their own separate audit on their grants. Imagine you’re a city finance director juggling, I dunno, a dozen different programs—housing, health, school lunches, every federal agency sending their own audit team, asking for different stuff. Total chaos.

Maya Collins: Yeah, like, every agency had its own rules, right? You’d be vendor-hopping just to stay in compliance. But in 1984, Congress stepped in with the Single Audit Act, after the OMB’s earlier moves, and forced everyone onto one organization-wide audit. It was a life-saver—or at least a sanity-saver—for local governments and nonprofits.

David Miller: And the point here is that instead of you burning out handling, say, separate HUD and SNAP audits, you have one comprehensive review—that’s what we call the Single Audit. PLUS, it’s only triggered when you hit a certain federal spending threshold, currently $750,000 in a year. So, if your organization spends less than that, you’re off the hook for this particular headache.

Maya Collins: Let’s break that down a bit more. Sometimes students get the financial audit mixed up with the single audit. So, a regular financial audit is about your actual financial statements and whether they’re fairly stated per GAAP—that’s where you get the classic opinion, like “unmodified” or the scary “adverse” one. But a Single Audit digs into how you spent the federal money, whether you followed federal guidelines, and if your internal controls are up to snuff. Think of it as both compliance and performance rolled into one.

David Miller: That’s a good point. And in terms of real-world grants, you’ve got lots that can tip you over that threshold: HUD money for affordable housing, Medicare funds, SNAP or TANF programs, even things like Pre-K grants or school lunch programs. The list’s pretty long.

Maya Collins: Oh! Can I tell a quick story? So, back when I was volunteering for my local after-school program, they landed a grant—big money for them, like, well over $750k. Suddenly they're scrambling because they never realized this meant they’d need a Single Audit. I think they thought audits were just for the "big" guys—like, cities and hospitals, not little ol’ kids’ programs. But, nope! A big enough award and you’re in Single Audit territory, too.

David Miller: Yeah, that happens all the time. So it’s not just mega-cities or state governments. If you get enough federal funds, you’re playing in the big leagues, audit-wise.

Navigating the Single Audit Process

Maya Collins: Alright, so let’s say you’ve hit that $750,000 threshold. Now what happens? The process always starts with putting together the SEFA—the Schedule of Expenditures of Federal Awards. Basically, a giant spreadsheet showing everything you spent from each federal program, lined up by agency, CFDA number, all that fun stuff.

David Miller: Right, the SEFA is like the road map for the whole audit. Auditors use it to figure out what programs you have, which ones are large enough or risky enough to test—we’re talking about the Type A and Type B program determination. We could nerd out on that for a while, but basically, it’s like a triage. You focus on the major programs, and you have to hit a certain percentage of total federal awards with your audit coverage—20% for low-risk entities, or 40% if you’re high-risk.

Maya Collins: And after picking programs, auditors dive in. They test compliance—did you follow all the requirements for the grant—and check your internal controls. Super important. Audit findings often pop up because folks let controls slide, or can’t prove what they did. And then they go through your financials and SEFA, do their testwork, and prepare a whole set of reports. We’re talking: your financial statements, a summary schedule of prior-year findings, a plan for this year’s corrective actions… and, of course, the main auditor’s reports themselves. It’s a mountain of paperwork.

David Miller: Exactly. And let’s not forget about auditee responsibilities. The entity being audited—the auditee—has to track all their federal awards, keep their internal controls in good shape, and make sure their records are accessible for the auditor. I remember, there was this Midwest city a few years back—uh, I won’t name names—but they hadn’t kept up with documenting whether they’d actually resolved prior year findings. So when the audit came around, it turned into a scavenger hunt. Delayed the whole process for months. Not a fun time for anyone.

Maya Collins: You’re making me sweat just thinking about it! No shade, but if you don’t have your backup ready, it’s like showing up to finals and realizing you skipped the last three homework assignments. Auditees—just be prepared to show auditors everything: staff, ledgers, e-mails, you name it.

David Miller: And don’t forget, the deadline for submitting the Single Audit package—including your Data Collection Form, or DCF—is only 30 days after you get the audit report, or nine months after your fiscal year, whichever’s sooner. Miss that deadline, and, well… let’s just say federal agencies don’t love that.

Maya Collins: Auditors handle the main reports: the opinion on your financials, the SEFA, detailed notes about internal controls and compliance, a report on each major program, and the big finale—a schedule of findings and questioned costs. They have to give their opinion on whether you’re following the rules and if there are any problem areas. And just to round it out, you—the auditee—handle the corrective action plan when things go wrong, as well as a summary of all the issues you’re still cleaning up from prior years.

David Miller: Not to mention, everyone’s signatures have to go on that DCF—the auditor and a top rep from your agency or nonprofit. So nobody’s dodging accountability here. The system’s built to keep everyone honest.

Quality Control and Common Pitfalls

Maya Collins: Okay, so all this process sounds airtight, but Single Audits are actually considered high-risk by the AICPA—like, the accounting world’s version of a red flag. Nearly half of the audits the AICPA Peer Review Program checked in 2015 had serious quality issues. That’s wild!

David Miller: Yeah, 48 percent, if I’m remembering right? I mean, that’s a coin toss. Most problems came from misidentifying major programs, mistakes in calling someone a low-risk auditee, skipping or bungling internal controls testing, or just not documenting stuff thoroughly. Sometimes it’s just sloppy work, but sometimes it's because folks don’t specialize in these audits. There’s a strong link: firms that do lots of single audits, have solid training for the engagement partner, and belong to the AICPA’s Governmental Audit Quality Center tend to have way fewer problems.

Maya Collins: Yeah, audit quality isn’t just a paperwork issue. If you look at cities—like Greenville, which spent nearly $39 million in federal awards, or Raleigh and New York with sky-high totals—the stakes get bigger and the complexity grows fast. The rules say you have to call out all your high-risk programs, both Type A and B, and audit enough programs to meet coverage: 20 percent if you’re a low-risk auditee, but 40 percent if your place has a spottier track record.

David Miller: For Greenville—let’s see, with about thirty-nine million in awards, the actual dollar threshold for what counts as a Type A program is set by those federal guidelines. It’s, uh, not a fixed number for everyone; it scales based on your total expenditures. Cities like Raleigh or New York? Same idea, but the numbers get so big, the odds that you end up with multiple major programs flagged for close review go way up.

Maya Collins: And if you don’t hit the required percentage of coverage, you’re technically out of compliance—so you don’t want to cut corners. Like David said earlier, it comes down to having the right processes, training, and a focus on good documentation. It’s a lot, but if you get it right, you’re giving taxpayers and grantors a better reason to trust your organization.

David Miller: And I mean, that’s what it all circles back to—accountability, right? We’ve said it every episode, but when you’re dealing with public money, you gotta earn that trust. Anyway, that’s probably a good place to wrap for today. Maya, I always appreciate how you keep us moving.

Maya Collins: Aw, thanks David! And thanks to all of you for joining us as we untangle these tricky topics. We’ll tackle more mysteries from the wild world of government and nonprofit finance next time—so keep those questions coming, and we’ll see you in the next episode!

David Miller: Take care everyone—and Maya, have a great week!

Maya Collins: You too, David! Bye, everyone!