• Poor documentation, unallowable costs, and misallocated spending are frequent issues that can lead to audit finding and jeopardize program funding.
• Regular financial reviews, data analysis, and technology-driven tools are essential to improve compliance monitoring and prevent misuse of grant funds.
• Targeted training, simplified guidance, and consistent communication help you better understand your responsibilities as grantees and reduce any costly errors.

—

Grant program offices are responsible for managing and allocating funds to support various initiatives. Managing the complexity of financial regulations and grant governing rules makes confirming grantee compliance a significant challenge. Those who do not adhere to financial regulations and rules risk non-compliance, resulting in fund misuse, audit findings, and jeopardizing the overall effectiveness of grant programs. An area often found most contentious in grantee audits is how operational expenses are incurred, categorized, and recorded. Operational expenses – costs associated with a grantee’s operations – include utility bills, repair and maintenance expenses, office supplies, leases, and other operating expenses.

Three common scenarios related to operational expenses can result in non-compliance:

1. Missing and/or Lack of Sufficient Documentation to Support Transactions: Inadequate documentation to validate expenses under review can be a major problem for grant program compliance. This includes missing original invoices, statements, or receipts for the expenses incurred. Financial oversight challenges can also arise when there is no proof of payment to confirm that an expense was paid to the appropriate vendor, such as bank statements, credit card receipts, or cancelled checks.
2. Unallowable Costs: Another common compliance issue is unallowable costs, which are unauthorized expenses charged to the grant according to the Code of Federal Regulations (CFRs) and relevant Program Guides.
3. Incorrect Allocation and/or Inappropriate Spending: When a grantee misallocates transactions or uses grant funds inappropriately, they may be cited for non-compliance. For example, buying gift cards and providing them to clients or employees is a risky purchase since they are difficult to track and can be used to purchase.

Strengthening Financial Oversight

There are several strategies grant program offices can use to strengthen their financial oversight and monitoring processes. Tasks may include performing a thorough review of the Federal Financial Reports (FFR) SF-425s and Single Audit Reports, monitoring and analyzing unusual and high dollar general ledger entries, testing payroll and operational expenses, and performing programmatic reviews. Additionally, leveraging technology to assist in creating tools and resources can also enhance understanding and retention of compliance requirements and monitoring.

Educate Grantees to Minimize Non-Compliance

Grant program offices can implement a multifaceted educational strategy to simplify the complexities of compliance and minimize instances of non-compliance. Strategies can include:

Offer Technical Assistance and Training Sessions

Training sessions like in-person workshops or virtual webinars for new grantees can help explain compliance requirements, reporting obligations, and allowable costs associated with their grants, and help reduce confusion and challenges for those who are new to funding. For grantees who have unique needs and challenges, grant program offices can provide targeted training and resources specific to their type of grant. Additionally, existing or legacy grantees may have questions as well. Offering refresher courses and training sessions may help minimize common mistakes even experienced grantees could make.

Provide User-Friendly Guides and Resources

Creating easily accessible, simplified, user-friendly guides that outline compliance requirements, documentation standards, and processes can provide quick, go-to resources for grantees. Providing access to online resources such as FAQs, compliance checklists, and best practice examples from successful grantees , can also help create and encourage a community where grantees can share their experiences and solutions.

Establish Regular Communication and Updates

Establishing regular communications (e.g., newsletters, emails) can help keep grantees informed and up to date on changes in compliance regulations, deadlines, or reporting requirements. Setting up one-on-one consultations or dedicated office hours for grantees to ask questions and seek clarification on compliance issues in a personalized setting is a quick way to address challenges and help foster a relationship between grant offices and grantees.

Implement Monitoring and Feedback Mechanisms

Regular monitoring of grant compliance and constructive feedback can help identify common compliance pitfalls and allow the Grant Program Office to proactively address these areas with grantees.

By adopting these strategies, grant program offices can empower grantees with the knowledge and resources needed to stay in compliance and improve the overall effectiveness of grant programs.

Written by Hira Hasan. Copyright © 2025 BDO USA, P.C. All rights reserved. www.bdo.com

How MGO Can Help

At MGO, we understand the pressures and complexities faced by grant program offices. Our experienced State and Local Government professionals work alongside public agencies to design and implement robust compliance frameworks, tailored to their funding sources and various operational needs. From reviewing financial reports to developing grantee training materials, we can help you reduce the risk of non-compliance and improve your overall grant program performance. Whether you’re addressing audit findings or proactively enhancing your oversight process, we offer the guidance, tools, and support you may need to drive impactful outcomes, using every dollar as intended. Contact us to learn how.

The post How to Improve Grantee Compliance Through Strategic Financial Oversight appeared first on MGO CPA | Tax, Audit, and Consulting Services.

• Cyber threats are increasingly elevating data and infrastructure risks for state and local governments. Proactive security standards and assessments can strengthen governmental defenses.
• Cyber Maturity Assessments (CMAs) evaluate preparedness to safeguard against, detect, isolate, and respond to system threats holistically across staff, procedures, and tools.
• Conducting a CMA can provide governments strategic advantages, such as: gauging risk management capabilities, fostering a security culture, mapping regulatory requirements, adapting to the evolving threat landscape, and informing cybersecurity strategies.

~

Cyber threats grow more sophisticated every day, increasing risks to sensitive data and critical services at the state and local level. With public-sector cyberattacks on the rise, today’s governments need to reinforce their cyber defenses to protect government operations and maintain constituent trust.

In the realm of cybersecurity, staying ahead of the curve is not just advisable; it’s imperative. In 2016, the Department of Defense (DoD) introduced a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS). This rule mandated new cybersecurity safeguards and cyber incident reporting for controlled unclassified information (CUI).

Transitioning from DFARS, the DoD has now developed the Cybersecurity Maturity Model Certification (CMMC), a framework designed to enhance the cybersecurity of government contractors. While state and local governments are not beholden to the CMMC, your team can still benefit from embracing CMMC standards and proactively developing comprehensive security programs.

5 Benefits of a Cyber Maturity Assessment for Your State or Local Government

To check your government against CMMC standards, a powerful tool you can employ is a Cyber Maturity Assessment (CMA) — which examines your organization’s overall preparedness to safeguard against, recognize, isolate, and react to cyber threats that could compromise sensitive data and systems. Analyzing more than just adherence to regulations, a CMA is a holistic analysis of people, processes, and tools that assesses the entity’s broader cyber risk exposure and defenses.

Here are five ways a CMA can be a trusted ally in fortifying your cybersecurity defenses:

1. Risk Management

The CMA framework addresses the crucial question: Is your organization equipped to navigate evolving risks effectively? With the assistance of CMA, state and local governments can gain insights into the maturity of their current processes and mechanisms. This empowers them to make informed decisions on risk mitigation strategies, ensuring a robust defense against emerging cyber threats.

2. Strengthening Security Culture

Promoting a culture of security and privacy by design is paramount in today’s digital landscape. CMA serves as a catalyst in fostering this mindset within organizations. By assessing the maturity of security practices, it enables state and local governments to identify areas for improvement, laying the foundation for a resilient security culture.

3. Understanding of Multiple Regulatory Requirements

Navigating the complex web of regulatory requirements is a challenge for any government entity. CMA provides a comprehensive understanding of an organization’s capabilities to meet controls-based regulatory requirements. This not only ensures compliance but also establishes a framework for efficient regulatory adherence, minimizing vulnerabilities.

4. Proactiveness in an Ever-Evolving Cybersecurity Landscape 

As cyber threats continue to grow in scale and sophistication, organizations must be proactive in adapting to the evolving landscape. CMA equips state and local governments with the foresight needed to stay ahead of cybercriminals. By identifying potential threats and vulnerabilities, organizations can implement strategies to drive growth and transformation while safeguarding their digital assets.

5. Determining Considerations for a Cybersecurity Strategy 

Crafting an effective cybersecurity strategy requires a deep understanding of an organization’s capabilities and potential areas for improvement. CMA assists in identifying key considerations for a cybersecurity strategy, ensuring that state and local governments can rapidly adapt to the dynamic cybersecurity landscape.

Employing a Methodical Approach to CMA that Delivers Actionable Insights

Conducting a productive CMA that yields meaningful insights requires experience with security frameworks and familiarity with the latest threat trends impacting state and local governments. At MGO, our Technology and Cybersecurity Advisory (TCA) team approaches each CMA engagement through a consistent methodology focused on mapping security practices to leading industry standards, evaluating core capability areas, and developing practical recommendations tailored to the organization. 

Key elements of MGO’s CMA methodology include:

• Utilization of NIST Cybersecurity Framework (CSF), ISO 27001 or CIS Controls as a Baseline – The TCA team will help you identify current gaps in the security of information assets and determine potential opportunities for improvement relative to your organization’s size and stage in the lifecycle.

• Focus on Key Cybersecurity Capabilities – Emphasizing key cybersecurity capabilities including governance, detection, prevention, response and legal compliance, the TCA team will assist in aligning and mapping these capabilities against industry standards.

• Recommend Prioritized Areas of a Management Action Plan – The TCA team will assist you in identifying key areas of improvement and provide a risk-ranking to help prioritize moving forward.

• Maintaining Continuous Improvement – Instituting a recurring cycle of assessment and improvement is crucial, as cybersecurity maturity is a dynamic process that must adapt to evolving threats and business needs.

How We Can Help You Achieve Your Cybersecurity Goals 

Our highly skilled team delivers in-depth cybersecurity and business knowledge that translates to outside-the-box thinking and practical recommendations. We will work with your team to conduct deep-dive walkthroughs and technical testing to help you manage potential cybers

The post Cyber Maturity Assessments for Government Security appeared first on MGO CPA | Tax, Audit, and Consulting Services.

• CFDs and IFDs are common options for financing capital projects, but have key differences in funding sources and eligible uses.
• As component units, CFDs and IFDs must be included in your government’s financial reporting.
• Determining whether to report CFDs/IFDs as fiduciary, blended, or discrete component units is crucial for accurate representation.

—

As a government leader, you are no doubt all-too-keenly aware of the challenges inherent in financing capital projects in your community. One popular option to fund infrastructure improvements in developing areas is forming special tax districts — with two of the most common variants being community facilities districts (CFDs) and infrastructure financing districts (IFDs).

While both these types of special tax districts share many similarities, it is their differences that can have a significant impact on how you report them in the financial statements of your organization. In this article, our State and Local Government professionals walk through what you need to know to successfully navigate special tax district reporting.

What Are CFDs and IFDs? 

Before we dive into reporting, here is a glimpse at how each of these special tax districts work and how they are different from one another. 

CFDS — Funding Versatile Local Improvements 

CFDs also known as Mello-Roos Districts (named for the lawmakers behind the legislation that created them), are a popular method of financing certain public capital facilities and services — especially in developing and rehabilitating areas. CFDs impose special taxes on property owners within the district, and proceeds can be used to fund any publicly owned facility with a useful life of five or more years.  

This versatile special tax district has many eligible uses — including parks, libraries, childcare and recreation centers, storm drainage systems, and more. Developers frequently establish CFDs to fund initial infrastructure as an area is built out.

IFDs — Financing Large Infrastructure

IFDs fund capital projects focused on large-scale, community-wide infrastructure needs. This includes major initiatives like highways, transit facilities, sewage treatment plants, dams, flood control systems, and other regionally significant projects.  

Unlike CFDs, IFD funding comes from growth in property tax increment above a base-year level, redirecting tax revenue that would otherwise flow to participating jurisdictions like the city, county, and special districts. In essence, those entities waive their rights to extra revenue generated by growth in the IFD area until the established revenue retention period expires (this period may last up to 30 years). 

Special Tax Districts as Component Units (and What That Means)

Current accounting standards require your government to include in its financial statements the finances of “component units”. Component units are legally separate entities for which the elected officials of a primary government are financially accountable. The primary government is financially accountable if it appoints a voting majority of the entity’s governing body and: (1) it can impose its will on that entity or (2) there is a potential for the entity to provide specific financial benefits to, or impose specific financial burdens on, the primary government. 

Under California law (different states may have different requirements), CFDs and IFDs are legally constituted governmental entities. They are established by and governed by your agency’s legislative body, whether that be the city council or county board of supervisors. This governance structure grants your government the ability to impose its will on the CFDs and IFDs since you can modify budgets or appoint key personnel. Moreover, IFDs create a financial burden by capturing property taxes that would otherwise fund services in participating jurisdictions. 

Due to this financial accountability, CFDs and IFDs are considered component units and should be included in the financial reporting entity of the primary government. That means, as a primary government, you are required to report component unit financial information within your financial reporting entity’s financial statements. 

Fiduciary, Blended, or Discretely Presented: Determining the Reporting Method 

While the objective of including component units in your financial statements is to provide an overview of your government based on financial accountability, the method of component unit inclusion – fiduciary, blended, or discretely presented – depends on the closeness of their relationship with your government. 

To assess whether a special tax district like a CFD or IFD is a fiduciary activity for reporting purposes, ask these questions: 

1. Does your government exercise control over the assets of the district? 

2. Does the government benefit from those assets (as opposed to external parties)? 

With CFDs and IFDs, the assets are typically controlled by your government but maintained for the benefit of the district (not external parties). Therefore, their relationships with your government generally do not qualify as fiduciary.  

For IFDs, the revenue they receive by capturing incremental property taxes warrants blended reporting within your government’s financial statements. That means their activity is reported like any other fund – blended in the special revenue funds or other reporting units. 

Treatment gets trickier for CFDs. The key factor is whether your government is obligated in any manner for repayment of the CFD’s bonded debt in the event of delinquencies or default by property owners. If your government must back the debt, the CFD is considered a financial burden and blending is appropriate. Blending makes the long-term debt obligation clearly visible to financial statement users. 

However, if your government has no obligation for CFD debts, the CFD should be reported in fiduciary funds. Here, your government serves as an agent on behalf of property owners and the bondholders within the CFD. The debt service transactions are kept separate from other activities. 

Ensuring Accurate and Transparent Financial Reporting 

Complicating CFD and IFD reporting is the reality that major capital improvements are often funded by a combination of financing mechanisms. You may need to untangle several types of debt and financing sources – such as grants from other governments, general obligation debt, and special assessments. The reporting guidance on CFDs and IFDs is not one-size-fits-all.  

As a steward of public resources, it is important to take care to consider all nuances of how districts are established and financed in your government. Accurately reporting CFD and IFD activities is central to upholding your responsibility to constituents. By proactively addressing district reporting, you also minimize audit issues or restatements down the road. Taking the time upfront to thoroughly understand the standards will pay dividends. 

While financing capital projects may be challenging, you don’t have to figure it out alone. Our specialized State and Local Government team can guide you through the nuances of CFD and IFD reporting. Contact our professionals today to discuss how we can help you meet the highest standards of accountability and transparency. 

The post How to Manage Financial Reporting for Special Tax Districts in Your Community appeared first on MGO CPA | Tax, Audit, and Consulting Services.