OMB Compliance Supplement: What to Know about Part 7

Single audits are essential for ensuring that organizations managing federal funds in excess of $750,000 (at present time) adhere to compliance requirements. While many programs are covered by specific rules in the OMB Compliance Supplement, others are not, requiring auditors to rely on Part 7 of the supplement. In these cases, compliance must be built from general guidance, creating a more complex and customized audit process, often relying on the merging of multiple external resources from the grantor. Understanding how Part 7 works is crucial for organizations managing federal funds to stay compliant and avoid financial or legal consequences.

What is the OMB Compliance Supplement?

The OMB Compliance Supplement, issued by the Office of Management and Budget (OMB), is a key resource for guiding auditors through the single audit process and identifying material compliance requirements for a program. It lays out the compliance requirements that federal programs must follow, covering areas such as allowable costs, procurement, reporting, and eligibility. This framework is used to ensure that organizations comply with federal rules when managing and spending federal funds.

“As a condition of receiving federal awards, non-federal entities agree to comply with laws regulation, and the provisions of grant agreements and contracts, and to maintain internal control to provide reasonable assurance of compliance with these requirements.”

What is Part 7?

Part 7 is a section of the OMB Compliance Supplement that applies to federal programs not specifically listed in the supplement. It is essentially a “catch all” section of the supplement. When a program falls under Part 7, auditors cannot follow predefined checklists or specific rules related to each compliance requirement. Instead, they must build compliance requirements using broader principles from the Compliance Supplement.

This requires auditors to:

• Use general guidance to determine key compliance areas such as financial management, internal controls, and reporting.
• Apply professional judgment to tailor compliance testing to the specific characteristics of the program.

Organizations handling federal funds in these circumstances face a more complex audit process. Unlike programs with predefined rules, programs under Part 7 demand more effort and collaboration between auditors and program managers to create the necessary compliance framework, and often, communication with external grantors and/or reliance on published resources directly from the grantor, if available.

Why Part 7 Matters

Part 7 matters because it increases the complexity of the audit process. For organizations relying on federal funds, noncompliance can lead to severe consequences, including the risk of losing funding or being required to repay misused funds. Part 7 audits require more extensive preparation, documentation, and active participation to ensure a smooth process and successful audit outcome.

Programs that fall under Part 7 are often smaller, newer, or less standardized than those with specific compliance rules. This makes understanding how to approach a Part 7 audit even more critical for program managers.

How Auditors Build Compliance from General Guidance

When a program falls under Part 7, auditors begin by reviewing the general compliance guidance provided in Part 3 of the supplement, which outlines 12 standard compliance requirements (e.g., allowable costs, eligibility, procurement, and reporting). From there, auditors work with the organization to gather any relevant program-specific documentation, such as internal policies, contracts, and federal award documents.

Generally, auditors will:

• Review General Guidance: Identify relevant compliance requirements based on the broader guidance in Part 3.
• Tailor Compliance Testing: Determine which compliance areas apply to the specific program and test for them.
• Engage with the Organization: Collaborate with the organization to gather necessary documents and build a compliance framework.
• Apply Judgment: Make professional decisions on how best to assess compliance in areas not covered by specific rules.

This process is highly customized and requires a more hands-on approach from both auditors and the organization being audited.

How to Prepare for a Part 7 Audit

Organizations managing federal programs that fall under Part 7 will want to take several steps to prepare for the audit:

• Gather Documentation: Collect all relevant internal policies, program guides, financial records, and any available federal award documents.
• Review Internal Controls: Ensure that internal controls for managing and monitoring federal funds are in place and well-documented.
• Train Staff: Make sure that staff involved in financial management are familiar with compliance requirements and are prepared to answer auditors’ questions.
• Communicate with Auditors: Be ready to collaborate with auditors, providing additional information or clarification as needed.
• Be Proactive: Anticipate areas where the lack of specific rules may create complications and work to resolve those issues before the audit begins.

Preparation is critical to reducing delays, keeping the audit on track, and ensuring compliance with federal guidelines.

Illustrative Case Study

An example of how Part 7 is applied can be seen in the Rural Education Initiative, a fictional federal program designed to support underserved rural schools. Since this program is not specifically listed in the Compliance Supplement, auditors must follow Part 7’s general guidance to build compliance requirements.

In this case, the auditors began by reviewing the general guidelines outlined in Part 3 of the Compliance Supplement, focusing on areas such as allowable costs, eligibility, and procurement. They worked closely with the program managers to gather any program-specific documentation and internal policies available.

Without predefined checklists, the auditors had to assess whether the program adhered to compliance standards, including whether federal funds were used appropriately and whether the internal controls in place were sufficient to prevent fraud or misuse. Throughout the process, the auditors relied on their professional judgment and on the cooperation of the program managers to piece together a compliance framework tailored to the program’s specific needs.

The lack of predefined rules increased the time and complexity of the audit. However, the program managers’ proactive preparation and thorough documentation helped resolve any potential issues, ensuring compliance and a successful outcome.

What’s Next

Part 7 audits require a higher level of preparation and engagement from organizations. Unlike programs with clearly defined rules, Part 7 requires auditors to apply general guidance and build compliance frameworks tailored to each situation. Understanding how this process works and actively preparing helps to ensure compliance and avoid potential penalties. For guidance on navigating single audits and Part 7, contact Shawn Middleton, Partner on the PBMares’ Not-for-Profit team.