For Health Care Organizations, Federal Awards Come with New Compliance Requirements

A version of this article previously appeared in California Healthcare News on July 12, 2016.

Many health care organizations depend on the support of federal grants and funding. One of the most profound changes affecting health care organizations receiving federal awards today—as well as any other not-for-profit organizations that accept them—is the Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, generally referred to as the uniform guidance.

Because noncompliance with federal statutes, regulations, and the terms and conditions of federal awards poses a risk of loss of funding, penalties, and suspension from future federal awards, health care organizations need to be in compliance with the uniform guidance for any new federal awards or incremental funding issued by a federal agency on or after December 26, 2014. Understanding the key areas of compliance and implementing corresponding internal controls will help ensure your organization is prepared for a federal compliance audit or federal agency audit, appropriately mitigating your risk, and preventing or detecting and correcting errors and fraud.

Before we dive into the impact of the uniform guidance on health care organizations, some background: The Office of Management and Budget (OMB) proposed the guidance in 2013, officially implementing it in December 2014. The uniform guidance consolidates eight existing OMB circulars into one set of guidance, eliminating duplicative language to make it clear where the requirements materially differ from one entity type to another.

What Funding Is Impacted?

Generally, federal financial assistance or cost-reimbursement contracts under the Federal Acquisition Regulation received directly from a federal awarding agency—or indirectly from a pass-through entity by a state, local government, Indian tribe, institution of higher education, or not-for-profit organization that carries out a federal award as a recipient or subrecipient—is subject to the requirements of the uniform guidance. Certain federal awarding agencies also extend the provisions of the uniform guidance to for-profit entities.

For health care organizations, a number of common funding sources are impacted:

  • General support funding, such as funding awarded to community health centers and federally qualified health centers (FQHC), which rely heavily on federal awards
  • Health care program–related grants, such as those awarded for HIV prevention and research, mental health, or substance abuse
  • Capital grants for construction or renovation of health care facilities

These awards are typically provided by the Department of Health and Human Services (HHS) and through the National Institutes of Health and the Health Resources and Services Administration.

Two federal funding areas related to health care organizations are specifically excluded from the uniform guidance:

  • Until OMB issues further specific guidance, hospitals receiving awards or subawards from HHS should continue to follow legacy guidance for cost principles. This includes hospitals receiving HHS awards administered by states, local governments, institutions of higher education, and Indian tribes for certain entitlement agreements, as outlined in Appendix IX to Title 45, Part 75, in the Code of Federal Regulations. 
  • Medicare and Medicaid reimbursements—the most common types of federal funding to health care organizations—are excluded. However, other programs run by the Centers for Medicare and Medicaid Services could potentially be subject to the uniform guidance. These often also fall under program code 93.778 in the Catalog of Federal Domestic Assistance, so review your grant and award documents carefully to understand whether a funding source is being scoped out under Medicare and Medicaid reimbursements.

Also, a note of caution: Don’t be fooled into thinking federal financial assistance from states and local governments are exempt from the uniform guidance simply because they don’t come directly from the federal government. In these cases, the organization receiving the award may qualify as a subrecipient under the uniform guidance, which means it’s subject to the same regulations as if the grant had come directly from the federal awarding agency.

Compliance and Audit Focus Areas

While the threshold at which an organization expending funds under a federal award requires a single audit is $750,000, awards below that amount are still subject to the requirements of the uniform guidance. For example, awards of any size are still subject to the relevant cost principles and administrative requirements—which means relatively small awards of $750,000 or less (say, to carry out a community health program) are on the same playing field as multimillion-dollar grants for R&D or clinical trials.

With this in mind, there are a few particularly noteworthy compliance areas under the uniform guidance: subrecipient monitoring, procurement, and required written policies and procedures.

Subrecipient Monitoring

Health care organizations may act as pass-through entities for federal awards. For example, a health system may pass federal funds through to a local clinic or specialty provider to conduct community HIV screenings or blood tests. The health system is considered a pass-through entity, and the local clinic or specialty provider may be considered a subrecipient if certain conditions are met. The subrecipient is subject to the same uniform guidance requirements as the pass-through entity, and the pass-through entity is further required to monitor its subrecipient’s compliance.

Subpart D of the uniform guidance details the pass-through entity’s responsibilities for subrecipient monitoring and management, which include (among others):

  • Assessing the risk of noncompliance on the part of the subrecipient at the outset of the relationship and at least annually afterward
  • Using that risk assessment to inform a plan for regular monitoring of the subrecipient’s compliance
  • Following through on any findings revealed in monitoring, both by remedying the immediate situation and implementing controls that prevent future noncompliance

Note that the uniform guidance distinguishes between subrecipients and contractors. Contractors (which were called vendors under previous guidance) aren’t required to be monitored.


The uniform guidance outlines five methods of procurement and sets accompanying requirements. These five methods are:

  • Micropurchases. Purchases under $3,500 don’t require quotes, but they must be equitably distributed among potential business partners.
  • Small purchases. Above the $3,500 micropurchase threshold but under $150,000, award recipients must solicit rate quotes, though no cost or price analysis is required. One example might be purchasing a centrifuge or other piece of equipment.
  • Sealed bids. Typically, construction or renovation projects qualify as sealed bids. These are greater than $150,000, and price is the major factor influencing the decision of which vendor performs the work.
  • Competitive proposals. Purchasing decisions that aren’t based strictly on price—such as an audit or even janitorial work, where price and value are both factors—typically qualify as competitive proposals. Above $150,000, these require a request for proposal and formal documentation of how prospective business partners were evaluated.
  • Sole-source or noncompetitive proposals. Procurement must fall into one of four circumstances for the sole-source method to apply. Examples might be a vaccine available from only one provider or a public emergency that doesn’t allow time for a competitive proposal.

Ensure your organization is employing best practices. Such as maintaining procurement details in award folders. Some universal standards apply to all five types of procurement:

  • Policies and procedures must be documented (more on this below).
  • The purchases must be necessary.
  • Purchases must be subject to full and open competition among vendors.
  • The procurement can’t present a conflict of interest.

Award recipients have a two-year grace period after the effective date of the uniform guidance to comply with the new procurement standards. This means organizations with December 31 fiscal year-ends must be in compliance as of January 1, 2017, and those with June 30 fiscal year-ends must be in compliance as of July 1, 2017.

Documented Policies and Procedures

The uniform guidance requires award recipients to maintain certain policies and procedures surrounding how their federal money is spent. Procurement is one area that requires documented policies and procedures; others include advance payments and reimbursements, allowable costs, and conflicts of interest.

Conflicts of interest are an especially important compliance area, because award recipients must have policies and procedures that address conflicts of interest at not only the individual level but also the organizational level. Any individual or entity with a financial interest or tangible personal benefit riding on the selection, administration, or award of a federally supported contract would be considered to have a conflict of interest. This includes not only individuals and their family members or spouse but also any parent, affiliate, and subsidiary organizations. Your conflict-of-interest policy must also discuss the disciplinary actions that apply for violations.

Learn More

Though we’ve touched on a few of the most important compliance areas under the uniform guidance, health care organizations should plan to spend a substantial amount of time determining how the guidance applies to their individual operations and analyzing the internal controls they have in place surrounding their federal awards. Typically, the Internal Control—Integrated Framework, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), and the US Government Accountability Office’s Green Book are the best frameworks to begin analyzing, refining, and documenting your organization’s internal controls.

For greater detail on specific areas of the uniform guidance—including subrecipient monitoring, procurement, and written policies and procedures—visit

Contact Us with Questions

Enter security code:
 Security code