When the new grant regulations mandated a risk assessment performed by Federal agencies and pass-through entities for everyone getting Federal awards, the grant community was rightly concerned about how this would work in real-life.
Now that we completed several months of this new requirement, the results are mixed.
It seemed simple enough… 2 CFR Part 200.205 mandated Federal agencies to have in place a framework to assess the level of risk posed by grant applicants before awarding Federal funds.
But the devil is in the details!
And even though the stated goals of the new Uniform Guidance for grants include lessening administrative burden and making the regulations more consistent across various Federal agencies, the application of the new risk assessment framework has been anything but consistent.
Assessment of Risk: What Can We Agree On?
There are several aspects of the risk assessment that we all can agree are important, both for Federal agencies and pass-through entities who are also required to perform this review on their sub-recipients.
Here are few common criteria:
• Financial stability of the grant applicant
• Quality of management systems in place
• Solid history of performance on past awards
As you can see, organizations with past success in grant management and performance are better positioned to receive more awards in the future.
But after agreement on these basic measurements, the consistently of the assessment methods diverge wildly.
We reviewed a number of Federal agencies to see how they were handling the new risk assessment requirement and here are some examples of what we found…
Case #1: National Science Foundation (NSF)
We started with the National Science Foundation by searching their website and their new Proposal and Award Policies and Procedures Guide for references to the new risk assessment.
In Chapter III, Section F of the guide, we found a section on NSF’s Risk Management Framework and the Decision to Award or Decline Proposals.
In this case, the risk assessment takes place after the decision is made to recommend the program for an award and the programmatic approval is made.
As we predicted, the framework heavily favors organizations that have previously done a good job with their grant management.
Here are some examples:
1. If you have not received NSF funding in the last five years, all proposers would be subject to pre-award financial and administrative reviews if recommended for an award.
2. The NSF will consider the organization’s track record of managing past and current awards.
3. If you have any existing issues, or corrective actions, or audit findings, the status of these will be taken into account before issuing any more awards.
Case #2: Department of Education (ED)
We then shifted to the Department of Education and found a much more comprehensive approach to the new risk assessment with an extensive FAQ about the new risk assessment.
However, some aspects of the FAQ left us more confused that when we started when it came to the responsibilities of pass-through entities.
• 2 CFR Part 200.331 states that the pass-through entity must evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring.
• But the DOE FAQ indicates there is no requirement for grantees to assess risks before making subgrants.
In the initial information sessions on the new grant regulations the pass-through responsibilities were described as mirroring the agency requirements.
This FAQ suggests a lessening of the pass-through burden.
(This is certainly a breath of fresh air for pass-through entities.)
Case #3: Federal Emergency Management Agency (FEMA)
A division of the Department of Homeland Security, FEMA refers to the new risk assessment on their Interim Guidance on 2 C.F.R. Part 200 with general criteria which once again look at the grant management performance of the grant applicant.
1. Does the pass-through entity/recipient have the necessary experience, organization, and technical qualifications to manage the award?
2. Did the recipient have any major findings on the last single audit?
3. Does the award recipient have a history of poor performance, and has it violated past terms and conditions on any prior awards?
Grant Recipient Beware
It’s clear that the Federal agencies vary widely in their readiness and application of the new risk assessment requirements.
When you are considering applying for additional Federal awards, make sure you look at the guidelines for your specific funding agency or you may be disappointed by the results.
Well-trained program staff, strong internal controls, and successful performance of the award objectives will give you the edge for future funding.
Great grant management never goes out of style!
Ready to Improve Your Grant Management?
How about you?
Would you like to be a better grant manager?
We have another grant management training seminar coming soon.
Click here to get all the details!
Hope to see you there!
Lucy Morgan CPA, MBA
CEO, Compliance Warrior
Author of “Decoding Grant Management-The Ultimate Success Guide to the Federal Grant Regulations in 2 CFR Part 200” The 2nd Edition is now available on Amazon in Paperback and Kindle versions.