Frequently Asked Questions about Audits for Foreign-based Recipients
Already have a CDC Grant?
Centers for Disease Control and Prevention (CDC) is receiving questions from its foreign-based recipient community regarding audits and has compiled a list of Frequently Asked Questions (FAQs). As CDC receives additional questions, CDC will update these FAQs. If recipients have additional or clarification questions about audits, please reach out to ORMIC.Audit.Resolution@cdc.gov.
Foreign-based recipients and sub-recipients are defined consistent with the terms “foreign organization” and “foreign public entity” as set out in grants regulations found at 45 CFR 75.2. For the purposes of CDC’s audit processes and these FAQs, CDC uses the broader terms foreign-based recipient or sub-recipient as inclusive of these defined terms. A foreign-based recipient or subrecipient is defined as a recipient headquartered in a foreign country that is performing grant activities in a foreign country.
Per 45 CFR Subpart F, a recipient must have a single or program-specific audit conducted for that fiscal year if the non-federal entity expends $750,000 or more in total on all U.S. government grants during the non-federal entity’s fiscal year. Agencies may not increase the threshold; however, they do have the authority to lower the threshold.
As a policy matter, CDC has lowered the threshold for foreign-based recipients and sub-recipients, requiring those foreign-based recipients and sub-recipients to conduct audits if they expend $300,000 or more under all U.S. government grants during the recipient’s fiscal year. When a single audit is not required, the foreign-based recipient may elect to have a program-specific audit conducted in accordance with 45 CFR 75.501.
A single audit includes an audit of both the financial statements and federal awards. Program-specific audits do not require a financial statement audit (45 CFR 75.501(c)). However, when a program-specific audit guide is not available, a program-specific audit must consist of the financial statement(s) of the federal program, a summary schedule of prior audit findings, and a corrective action plan (45 CFR 75.507(c)(3)).
Awards to foreign-based recipients are subject to 45 CFR Part 75, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Department of Health and Human Services (HHS) awards (which includes CDC), Subparts A-E. Though the grants regulations do not specify application of Subpart F (Audit Requirements) with respect to foreign-based recipients, CDC has determined that the same principles may be applied to these recipients.
Per 45 CFR Part 75.514(a), audits must be conducted in accordance with generally accepted government auditing standards. Foreign-based recipients should refer to the Government Auditing Standards (referred to as the Yellow Book) for guidance. The Government Auditing Standards identify generally accepted government auditing standards (GAGAS) for use by auditors of government entities. Foreign countries and in-country jurisdictions may apply additional audit standards, such as the auditing standards promulgated by the International Organization of Supreme Audit Institutions or the auditing guidelines of the International Auditing and Assurance Standards Board (IAASB).
Applicable administrative requirements, cost principles, and audit requirements are set out in the Terms and Conditions (T&C) of the recipient’s Notice of Award (NoA). The terms and conditions of federal awards apply to subrecipients unless the terms and conditions of the award specifically indicate otherwise. If any requirement in the NoA, Notice of Funding Opportunity (NOFO), the HHS Grants Policy Statement, 45 CFR Part 75, or applicable statutes/appropriations acts conflict, then statutes and regulations take precedence.
CDC requires that the auditor used by a foreign-based recipient be a U.S.-based Certified Public Accountant firm, the foreign government’s Supreme Audit Institution or equivalent, or an audit firm on the non-US Audit Firm list maintained by the U.S. Agency for International Development (USAID). CDC may review as necessary any audits received from a firm from the USAID list to ensure the firm meets GAGAS requirements.
As noted above, USAID maintains a list of non-US auditing firms, which is one of three types of auditing firms that are acceptable for CDC foreign-based awards. For the current list, CDC recipients can contact their Grants Management Officer or Grants Management Specialist listed in their Notice of Award.
If a CDC recipient would like to have an audit firm added to the USAID list, they should contact USAID.
