UPDATE: In April 2022, Treasury published updated audit requirements for APRA funds for some local governments. Units that have federal single audit expenditures that meet or exceed $750,000 only because of ARP expenditures may opt to have a Compliance Examination Engagement instead of a single audit. In such instances, there would be no requirement to competitively procure single audit services. For more information, see this blog post from NCDOR: Alternative Audit Requirements for ARPA Funds for Some Local Governments.
With the passage of the American Rescue Plan Act of 2021 (“ARPA”), almost all cities and counties in North Carolina received distributions of Coronavirus State and Local Fiscal Recovery Funds (“CSLFRF”) from the U.S. Department of the Treasury (“Treasury”) to assist with pandemic recovery efforts. The School of Government has a variety of resources on its website that (1) explain what expenditures CSLFRF recipients and subrecipients may make with CSLFRF monies, and (2) provide guidance on complying with portions of the Uniform Guidance (2 C.F.R. Part 200) and North Carolina law applicable to CSLFRF funds. Some of these resources are available here and here. Importantly, Treasury issued the Final Rule for the CSLFRF program on January 6, and School faculty will be updating its materials and providing additional guidance in response to this new regulation.
Recently, many local governments in North Carolina have asked questions about the “single audit” requirements contained in the Uniform Guidance—in particular: (1) when must a non-Federal entity obtain a single audit; (2) what type of firm may perform the audit; and (3) how must a non-Federal entity procure single audit services required by the Uniform Guidance? This blog post answers these questions. (Note that North Carolina has its own single audit for units of local government that expend $500,000 or more in State financial assistance. This post only addresses the federal single audit.)
What is a “single audit” and when does the Uniform Guidance require a non-Federal entity to obtain such an audit?
Required by the Single Audit Act of 1984, as amended, a single audit is a compliance-based audit of a non-Federal entity’s expenditures of Federal financial assistance. See 31 U.S.C. §§ 7501-7506; see also 2 C.F.R. Part 200, Subpart F (setting forth “standards for obtaining consistency and uniformity among Federal agencies for the audit of non-Federal entities expending Federal awards”). Its goals are to assure the financial accuracy of a non-Federal entity’s financial statements, determine whether its internal controls are sufficient and operating properly, and review its compliance with the laws and regulations related to specific federal programs.
Subject to a limited exception, non-Federal entities (including state, local, and tribal governments) that expend $750,000 or more in Federal financial assistance during the non-Federal entity’s fiscal year must obtain a single audit. See 2 C.F.R. § 200.501(a); see also 2 C.F.R. § 200.1 (defining “Federal financial assistance”). The receipt of Federal financial assistance alone does require a unit to obtain a single audit—a non-Federal entity must have spent a minimum of $750,000 federal financial assistance during its fiscal year for the single audit requirements of 2 C.F.R. 200, Subpart F to apply.
As an alternative to the single audit, non-Federal entities may undertake a program-specific audit when a non-Federal entity or subrecipient expends Federal financial assistance under a single federal program. See 2 C.F.R. § 200.501(c); see also 2 C.F.R. § 200.507 (detailing requirements for program-specific audits).
Even if a unit of local government is not subject to the single audit requirements in the Uniform Guidance, it still must still obtain a financial audit in accordance with the Generally Acceptable Government Auditing Standards (“GAGAS”) if it expends $100,000 or more in combined federal or State financial assistance. See NC Department of State Treasurer: 35-E-1 Discussion of the Single Audit in North Carolina 2016. This audit, commonly called a “Yellow Book” audit, includes both financial and compliance components. Like the single audit, a Yellow Book audit requires that an auditor (1) provide reasonable assurance that a unit’s financial statements are free from material errors and other compliance issues, and (2) convey the results of the audit via an independent auditor’s report.
What process must a non-Federal entity follow to procure single audit services?
When the Uniform Guidance requires a non-Federal entity to procure single audit services, it must follow the procurement standards set forth in 2 C.F.R. §§ 200.317 through 200.327 of the Uniform Guidance. See 2 C.F.R. § 200.509(a). Those sections of the Uniform Guidance set forth five permissible procurement methods for non-Federal entities expending Federal financial assistance: (1) micro-purchases (§ 200.320(a)(1)); (2) small purchases (§ 200.320(a)(2)); (3) sealed bids (§ 200.320(b)(1)); (4) proposals (§ 200.320(b)(2)); and (5) noncompetitive procurement (§ 200.320(c)(1)-(5)). A non-Federal entity must apply these methods in conjunction with North Carolina law and any locally enacted procurement policies. See 2 C.F.R. § 200.318(a) (requiring non-Federal entities to “have and use documented procurement procedures consistent with State, local, and tribal laws and regulations and the standards of [2 C.F.R. § 200.318].”).
In practical terms, a non-Federal entity must (1) determine applicable federal, state, and local procurement rules, and (2) follow the “most restrictive” of those rules. That way, the non-Federal entity will satisfy the “most restrictive” rule and every less restrictive rule to which it is subject.
Except for the purchase of architectural, engineering, land surveying, or certain other alternative construction delivery services (see Article 3D of Chapter 143 of the General Statutes), North Carolina law does not require units of local government to engage in a competitive bidding process for the purchase of services (including audit services). Non-Federal entities may, by adoption of a locally applicable procurement policy, require competitive bidding in the absence of a generally applicable requirement under North Carolina law. In that case, a locally adopted policy would be “more restrictive” than North Carolina law.
A unit of local government in North Carolina can use this four-step process as a procedural roadmap when deciding how it must procure single audit services required by the Uniform Guidance:
First, a unit must establish the total cost of the single audit. While this amount does not need to be exact, the unit must gather enough information so that its estimate is reasonable. The unit will rely on this estimate to determine which procurement method to follow in Step 2.
Using the aggregate cost of the contract established in Step 1, and the chart below, determine which procurement method applies. Remember that the most-restrictive rule applies, and the non-Federal entity must follow its local policy if it sets a procurement threshold lower than that contained in the Uniform Guidance. If the non-Federal entity has self-certified a micro-purchase threshold higher than the generally applicable micro-purchase threshold set forth in the Uniform Guidance (currently $10,000), it may rely on the new threshold when the Uniform Guidance procurement standards apply to its purchases. See Connor Crews’ blog post for information on how a unit of local government in North Carolina may raise the micro-purchase threshold above $10,000 for Federal awards received after November 12, 2020 (including CSLFRF monies).
This chart does not include procurement by “sealed bids” (§ 200.320(b)(1)) or the noncompetitive procurement methods in § 200.320(c)(2), (c)(3), (c)(4), or (c)(5) because the required conditions for each such method likely will not be present during a single audit procurement.[1]
Requirements of Each Possible Single Audit Procurement Method
- Micro-Purchase (2 C.F.R. § 200.320(a)(1)): This method applies to contracts that fall under the micro-purchase threshold, which is currently set at $10,000. However, a non-Federal entity may self-certify a higher threshold “consistent with State law”[2] or a local policy may set a lower threshold amount. Micro-purchase procurement is a non-competitive process, and a unit need not receive any minimum number of proposals before awarding a contract. Even where the cost of a contract for audit services falls below the micro-purchase threshold, a unit still must consider the evaluation factors described in Step 4 below when awarding a contract in this range.
- Small Purchases (2 C.F.R. § 200.320(a)(2)): Applies to contracts falling between the micro-purchase threshold and the Simplified Acquisition Threshold (“SAT”) of $250,000. The non-Federal entity is required to solicit an “adequate number” of price or rate quotes before awarding a contract in this range.[3] It need not formally advertise a bid opportunity, but doing so may be the easiest way to satisfy the requirements of Steps 3 and 4 below.
- Proposals (2 C.F.R. § 200.320(b)(2)): This procurement method applies to single audit procurement falling above the SAT ($250,000). It requires the non-Federal entity to undertake a formal request for proposal (“RFP”) process, which includes publicization of the RFP and receipt of proposals from an “adequate number” of “qualified offerors” (2-3 proposals, at minimum, are recommended).
2 C.F.R § 200.509(a) imposes a few additional requirements on the procurement process. In addition to following one of the procurement methods described above, a non-Federal entity must:
- Make the objectives and scope of the audit clear to potential firms;
- Request a copy of the auditor’s peer review report (which the auditor is required to provide under GAGAS)); and
- Whenever possible, make affirmative efforts identified in 2 C.F.R. § 200.321(b) to utilize small businesses, minority-owned firms, and women’s business enterprises (“MWBE”) to conduct the audit.
- A non-Federal entity may contact MWBE firms directly, place these businesses on solicitation lists, and directly solicit a firm’s involvement whenever it is a potential service provider. For assistance locating MWBE firms, contact the NC HUB Office and/or Local Government Commission for suggestions on qualified MWBE firms.
In using each procurement method in Step 2, a non-Federal entity must consider the evaluation factors below (and document its consideration thereof) when awarding a contract for audit services. These factors include:
- The firm’s responsiveness to the unit’s requirements for audit services—including meeting the technical proposal instructions and addressing the technical evaluation criteria;
- The relevant experience of the firm or individual(s) involved;
- The availability of qualified staff to conduct the audit;
- The results of peer and external quality control reviews; and
- Price.
Federal agencies rely on single audits as an important mechanism of accountability to ensure the proper use of federal grant funds, and the quality of these audits has been a longstanding area of concern for the federal government. (In 2007, the President’s Council on Integrity & Efficiency published the Report on National Single Audit Sampling Project, which, based on a sampling of 208 single audits, found that an estimated 16% of single audits were of limited reliability and that 35.5% were unacceptable.) The concern over single audit quality likely explains why 2 C.F.R. § 200.509 requires non-Federal entities to consider factors other than price when selecting an auditor to perform the single audit.
While a non-Federal entity must consider price, it should not be the controlling factor in awarding a contract for auditing services. By evaluating each of these factors prior to engaging an auditor, the non-Federal entity can identify which potential auditors will have the capacity, skill, and experience necessary to complete the single audit.
If the non-Federal entity follows the four-step process outlined above, the single audit procurement will comply with 2 C.F.R § 200.509.
Is a model request for proposal (“RFP”) for single audit procurement available?
The North Carolina Department of State Treasurer (“DST”) has a model RFP for single audits available here. This document is a good starting point and can be edited by each jurisdiction to include the § 200.509 evaluation factors identified in Step 4 above.
The audit procurement process required by the Uniform Guidance is similar, but not identical, to the audit procurement process endorsed by the DST. The DST recommends a two-step evaluation process for audit RFPs. In the first step, a unit evaluates bidders for qualifications to perform the audit to decide which firm is best qualified. In the second step, a unit reviews pricing. This two-step review process is permissible under the Uniform Guidance and is a reasonable way to evaluate single audit proposals. A non-Federal entity should include in the RFP the evaluation factors outlined in Step 4 and document its consideration of these factors. A unit may evaluate proposed pricing after considering other technical factors.
Does 2 C.F.R. § 200.509 always require that a non-Federal entity release a RFP to procure single audit services?
Not necessarily, but releasing a RFP is one of the easiest ways for a non-Federal entity to document that it evaluated potential auditors using the criteria required by 2 C.F.R. § 200.509. Further, the National Intergovernmental Audit Forum, has suggested that, although there are many ways to solicit bids for audits, the “most reliable method” is a written request for proposal (see How to Avoid a Substandard Audit: Suggests for Procuring an Audit p. 8). Ultimately, § 200.509 makes clear that non-Federal entity may follow any applicable procurement method described in § 200.320. Therefore, whenever the cost of the audit services contract exceeds the micro-purchase threshold, a non-Federal entity must conduct some type of competitive bidding process.
Even if the non-Federal entity determines that the cost of an audit contract would entitle it to make a micro-purchase, 2 C.F.R. 200.509(a) should be read to independently impose the separate requirements identified in Steps 3 and 4 above. Regardless of the contract price, then, a non-Federal entity must in all cases (1) make the scope of the audit clear to potential respondents; (2) request a copy of the auditor’s peer review report; (3) attempt to engage MWBE firms; and (4) document its consideration of the evaluation criteria.
May a non-Federal entity “re-use” an auditor with which it has previously contracted to perform a single audit without rebidding?
Maybe.
If, in a previous procurement process for its current auditor, a unit followed the (1) applicable procurement methods contained in 2 C.F.R. §§ 200.317-200.327, and (2) the requirements of 2 C.F.R. § 200.509, it may be able to use the same auditor. If a non-Federal entity did not competitively bid the audit contract (assuming the cost is above the micro-purchase threshold), it should not use the current auditor without conducting a new procurement process that complies with 2 C.F.R. § 200.509.
In addition, a non-Federal entity must document that it considered the evaluation criteria set forth in § 200.509, and otherwise complied with this section, before awarding the audit contract. If a unit does not have such documentation, it should consider rebidding the single audit contract.
In short, if a non-Federal entity did not anticipate needing a federal single audit when selecting its current auditor, it should rebid the audit contract to comply with Uniform Guidance procurement rules.
May a non-Federal entity execute a multiyear agreement with an auditor?
Yes. The Uniform Guidance does not discuss the length of an audit contract or how often a non-Federal entity should re-procure audit services. Accordingly, there is no reason that a multiyear audit contract may not be awarded. Having a multiyear audit engagement has some advantages. There will likely be significant start-up costs in the first year of the agreement as the auditors will need to learn about the entity and its internal control systems; however, the auditor should be able to perform the audit for less cost in future years.[4] The non-Federal entity should include contract terms that allow it to terminate the contract for cause prior to the end of its term if the auditor fails to adequately perform the audit services.
If non-Federal funds are used to pay for the Uniform Guidance single audit, is compliance with 2 C.F.R § 200.509 still required?
Yes. 2 C.F.R. § 200.508(a) requires auditees to “[p]rocure or otherwise arrange for the audit required by [the Uniform Guidance] in accordance with § 200.509”. Conservatively, then, if a non-Federal entity must obtain an audit pursuant to 2 C.F.R. § 200.501(a), it must follow the requirements of 2 C.F.R. § 200.509—regardless of the source of funds used to pay for the audit. Follow the four-step process set forth above.
If you have additional questions regarding single audit procurement process, contact Rebecca Badgett at rbadgett@sog.unc.edu
Footnotes:
[1] The “sealed bids” method directs non-Federal entities to award contracts to the “responsible bidder whose bid, conforming with all the material terms and conditions of the invitation for bids, is the lowest in price” (2 C.F.R. § 200.320(b)(1)) and is appropriate when “the selection of the successful bidder can be made principally on the basis of price” (2 C.F.R. § 200.320(b)(1)(i)(C)). As explained in Step #4, price is one, but not the primary, consideration when a unit awards a contract for audit services. Therefore, using “sealed bids” (as set forth in the Uniform Guidance), is likely inappropriate.
200.320(c)(2), which allows noncompetitive procurement when an item is available from a “single source”, likely will not apply because audit services are available from a variety of providers. § 200.320(c)(3), which allows noncompetitive procurement when a public exigency or emergency would not permit a delay resulting from publicizing a bid opportunity, likely will not apply because a unit is not procuring audit services in an emergency or exigency situation—even though the expenditures audited may be those of federal grant dollars used to respond to COVID-19. § 200.320(c)(4), which allows noncompetitive procurement when authorized in writing by a federal agency, will not apply, at least with respect to CSLFRF, because Treasury has indicated that it will not be authorizing noncompetitive procurement in response to written requests from non-Federal entities. (See Compliance and Reporting Guidance, p. 8) Lastly, § 200.320(c)(5) likely will not apply because it is unlikely that competition for audit services will be inadequate.
[2] Connor Crews’ blog post explains how a unit of local government in North Carolina may raise the micro-purchase threshold for Federal awards received after November 12, 2020 (including CSLFRF monies). Raising the Federal Micro-Purchase Threshold: Self-Certification for Units of Local Government in North Carolina.
[4] See the National Intergovernmental Audit Forum handbook: How to Avoid a Substandard Audit: Suggests for Procuring an Audit, p.6.