This past month there has been some significant developments that impact nonprofit recipients of federal contracts and grants. First, the Office of Management and Budget released its 2018 Compliance Supplement that is effective for nonprofit grantees whose fiscal years began after June 30, 2017. Further, as a result of a data breach at the System of Award Management (SAM or SAM.gov) earlier this year, the General Services Administration, which manages SAM.gov, has taken action that will require nonprofits to plan changes and updates to and renewals of SAM information months in advance. This could certainly create hurdles for quickly aligning an organization to pursue end of fiscal year opportunities and nonprofits should prepare.
Updated Compliance Supplement
On May 18, 2018, the Office of Management and Budget (OMB) released the 2018 Compliance Supplement (Supplement), which "serves to identify existing important compliance requirements that the federal government expects to be considered as part of an audit required [of nonprofits with more than $750,000 in federal grants]." However, unlike prior years where the Supplement served as a stand-alone document, this Supplement merely includes updates from the 2017 Compliance Supplement, thereby requiring nonprofits and their auditors to consult both in performing their required audit for fiscal years beginning after June 30, 2017. The Supplement is codified at 2 C.F.R. Part 200, Appendix XI.
Given the approach taken by OMB this year, it will be critical that both grantees and their auditors plan accordingly to apply both the 2017 Compliance Supplement, as well as the 2018 Supplement. To the extent conflicting guidance arises, care should be taken to assess a consistent and reasonable approach to addressing such guidance and documenting the rationale.
In light of a recent cyber-attack on the SAM, the General Services Administration, which administers SAM, is now requiring new registrants to submit notarized letters with their registration materials. Moreover, current registrants with SAM.gov, which are intending to satisfy their annual renewal obligation or even update the existing information in SAM.gov, are also required to submit a notarized letter.
The impact of this new manual process is significant and will drastically elongate the time for approval into SAM.gov and/or create significant hurdles for nonprofits seeking to pursue federal opportunities. In fact, we have learned that SAM.gov has already received tens of thousands of notarized letters, which it must manually review and process. Anecdotally, we understand the backlog could be several months for a SAM update. Further, given nonprofits cannot pursue contract opportunities unless SAM.gov reflects the nonprofit as providing the services under the applicable North American Industry Classification System (NAICS) code, a several month backlog likely makes it near impossible to quickly update SAM to pursue instant opportunities. Given this new reality (or hopefully temporary reality), nonprofits should be mindful of this backlog and plan as far in advance as possible with respect to upcoming opportunities, including renewing its SAM registration, so as not to be foreclosed from future business opportunities.