Federal Funding Terms Demystified

As a result of the COVID-19 pandemic, many entities are receiving federal funding for the first time through measures like the Coronavirus Aid, Relief, and Economic Security (CARES) Act, and subsequent relief bills. But with these funds comes various terms and conditions, and certain funds may be subject to audits by independent auditors.

Reading through the copious articles and opinions on what this audit could entail, you may see terms such as “Yellow Book Standards”, “Uniform Guidance” or "Single Audits." While these terms are common for entities that have historically received funding from governmental agencies, organizations new to these programs may be confused by all of this new terminology.

We’re here to help.


It wasn’t that long ago that standards were printed and kept on each accountant’s bookshelf. To make it easier to know which book to grab when researching audit standards or policies written by the U.S. Governmental Accountability Office (GAO), each book was color coded. Although these books are all available online now, the GAO kept the well-known color-coding system, and these reference guides are still commonly referred to by the color of the “binding.” The most-used books related to the GAO’s role as an audit institution are the Yellow and Green Books.

The publication of Government Auditing Standards is commonly referred to as the “Yellow Book”. Per the GAO, the Yellow Book is “used by auditors of government entities, entities that receive government awards and other audit organizations performing Yellow Book audits. It outlines the requirements for audit reports, professional qualifications for auditors and audit organization quality control.”

When a CPA says that the audit will be performed under the Yellow Book standards, it means that the audit will be conducted under both Generally Accepted Auditing Standards (GAAS) and also Generally Accepted Governmental Auditing Standards (GAGAS). The Yellow Book is meant to enhance the accountability for use of government funds by any entity. Therefore, any type of company (public/private, nonprofit, for-profit, governmental, etc.) in any industry could be subject to the Yellow Book requirements if the funding agency requests the audit, or if local, state or federal regulations require the audit based on the level of funding spent (or received) by the entity.

The standard independent audit of financial statements is expanded from an audit under GAAS (or the standards of the Public Company Accounting Oversight Board (PCAOB) if the entity is a public company subject to SEC regulations) to include a report on internal control over financial reporting and on compliance with provisions of laws, regulations, contracts and grant agreement that have a material effect on the financial statements. The auditor will focus time on ensuring that the entity has complied with material factors related to the public funding and will consider whether any internal control deficiencies may result in waste or abuse related to public funds.

To determine if the funds that the entity received under the CARES Act or another relief fund will require an engagement utilizing the standards in the Yellow Book requires an understanding of the terms and conditions in the granting/contract documents and may require consultation with the funding agency directly.


On Oct. 19, 1984, Congress passed the Single Audit Act of 1984. The original legislation required state and local governments and Indian tribes expending more than $100,000 in federal funds to obtain a “single audit” by an independent auditor.

The Single Audit was the term coined for the new approach meant to create more effective and efficient oversight of the use of public funds, specifically federal funds. Instead of separate audits of each program and separate financial versus compliance audits, a “single audit” would be conducted that looked at the organization (not grant by grant) and combined compliance and financial elements.

The Single Audit Act regulations are managed by the Federal Office of Management and Budget (OMB). To assist both auditors and non-federal entities in understanding the requirements for auditing and managing federal funds, the OMB issued several Circulars, which communicate instructions to federal agencies, following the Single Audit Act of 1984.

In 1990, with OMB Circular A-133, the OMB added nonprofits to the list of entities required to obtain Single Audits if the entity expenditures met the threshold. In 1996, Congress passed an amendment to the Single Audit Act of 1984, designed to improve the effectiveness of Single Audits. This amendment increased the expenditure rate of federal funds requiring an audit and introduced a risk-based audit approach, which gave the OMB the flexibility to make future Single Audit changes as needed.

In 2013, the federal government, in connection with other agencies, issued Uniform Administrative Requirements, Cost Principles and Audit Requirements for Federal Awards commonly referred to as the Uniform Guidance. This new guidance combined the multiple previous sources of guidance related to the Single Audit Act and the Circulars into one central location, and amended the information to further enhance the effectiveness and efficiency for both auditors and non-federal entities. The thresholds for entities requiring audits also increased to $750,000 in expenditures of federal funds. The Uniform Guidance is applicable to any funding issued after 2014, and audits conducted for periods ending on or after June 30, 2016.

Audits conducted under Subpart F of the Uniform Guidance are often still referred to as Single Audits. These audits entail an in-depth look at selected major programs operated by the non-federal entities including financial and compliance factors. Every year the OMB issues a Compliance Supplement that provides guidance as to what compliance factors are relevant for audit procedures, provides guidance to the non-federal entity and the auditors on how those compliance factors should be complied with, and how the compliance should be tested. Furthermore, Subpart F requires that all audits in accordance with the Uniform Guidance must also be conducted in accordance with the Yellow Book requirements.

To put it simply, if your entity will be obtaining an audit under Uniform Guidance, the audit will also be conducted under the Yellow Book standards. An audit under Subpart F will include the reports required by GAAS or PCAOB, the Yellow Book Report, an independent auditor’s report on compliance for each major program, and a report on internal control over compliance.

The Uniform Guidance generally applies to all non-federal entities receiving funds from federal agencies (see 2 CFR 200.101 for certain exceptions). A non-federal entity is defined by the Uniform Guidance as “a state, local government, Indian tribe, institution of higher education, or nonprofit organization that carries out a federal award as a recipient or subrecipient.” However, 2 CFR 200.101(c) states that a federal agency can make Subparts A-E of the Uniform Guidance applicable to “for-profit entities, foreign public entities, or foreign organizations, except where the federal awarding agency determines that the application of these subparts would be inconsistent with the international obligations of the United States or the statutes or regulations of a foreign government.”

The definition of a non-federal entity does not encompass for-profit entities, and therefore many entities may wonder about why an article such as this is important for any entity receiving CARES Act funds to review. Under Subpart F of the Uniform Guidance, there is a note that a federal agency or a pass-through funding agency can add the Single Audit requirement through the grant’s terms and conditions to a for-profit. The CARES Act provided over $2 trillion in economic relief, including billions to for-profit entities through federal agencies. In reviewing the history of the Single Audit and the goal to ensure that government funds are given efficient and effective oversight through external audits, it is not surprising that many federal agencies have included the Uniform Guidance requirements as part of the terms and conditions for the use of the CARES Act funds.


The Green Book is the Standards for Internal Control in the Federal Government. Per the GAO, the Green Book could be used by someone who manages programs for federal, state or local governments, someone conducting a performance audit or a financial audit, or someone responsible for making sure that the personnel follow policies and procedures related to any and all job responsibilities related to government funding controls.
The Green Book organizes internal control into five components: 1) Control Environment, 2) Risk Assessment, 3) Control Activities, 4) Information and Communication and 5) Monitoring. Each component is made up of separate control principles which detail certain control attributes that combined, help to provide a cohesive system of internal controls.

The Uniform Guidance notes that non-federal entities establish and maintain internal control over the federal awards that provides reasonable assurance that the non-federal entity is managing the federal awards in compliance with federal statutes, regulations, and the terms and conditions of the federal awards. The guidance notes that the internal controls established “should” be in compliance with the Green Book or the “Internal Control Integrated Framework (revised in 2013), issued by the Committee of Sponsoring Organizations of the Treadway Commission” (COSO). The use of the term “should” indicates that this is not required, but is considered to be a best practice and, therefore, entities would want to review the Green Book or COSO in their entirety to help ensure that an adequate system of internal control is designed and maintained. Part 6 of the yearly OMB Compliance Supplement helps auditors and non-federal entities by providing illustrative controls for each type of compliance requirement and is another good tool to help understand the practical application of the Green Book standards.

In summary, the federal government strives to maintain a process whereby the use of government funds is effectively and efficiently monitored to limit waste, fraud or abuse. When you receive any funds from the federal government, it is imperative to carefully read the terms and conditions of the grant agreement, visit the System for Award Management website for information on the funding and speak with the funding agency to understand the audit requirements it expects. It is critical to maintain detailed records of how the funds are spent or amounts charged to federal awards followed the agreement. Remember, even if you are not ultimately required to have an audit in accordance with the Yellow Book or the Single Audit, you are still responsible for complying with all requirements and maintaining appropriate documentation.

For more information, contact Barbara Finke, Assurance Director.
Be sure to keep up with the latest happenings in the nonprofit industry by subscribing to our blog, and following us on Twitter @BDONonprofit.