Grant Compliance Benchmarks 2026

Allowable costs has been the most frequently cited finding category in nonprofit Single Audits for five consecutive fiscal years, according to Federal Audit Clearinghouse aggregate data. It is also the most preventable: it does not require sophisticated accounting systems to address, only consistent documentation practices and a grants manager who reviews expense coding before month-end close rather than after an auditor flags a transaction.

Top Finding Categories by Frequency

The OMB Compliance Supplement identifies 12 types of compliance requirements applicable to federal program clusters. Based on Federal Audit Clearinghouse aggregate data for fiscal years 2018–2022, the five most frequently cited categories for nonprofit organizations are:

1. Allowable costs/cost principles (28% of findings) Costs charged to federal awards are either not permitted under 2 CFR 200 Subpart E or are permitted but not adequately documented. The most common sub-issues: indirect costs charged without a written cost allocation plan, personnel costs without adequate time-and-effort documentation (for positions charged to multiple cost objectives), and costs that are not allocable to the federal award (they benefit other programs but are charged entirely to the federal award).

2. Activities allowed/unallowed (19% of findings) Federal funds are expended on activities outside the approved scope of the award, or on activities prohibited by the enabling statute or program regulations. This category includes expenditures for activities that a reasonable person would consider to be within the spirit of the award but that the program’s authorizing legislation or the award agreement specifically restricts.

3. Reporting (17% of findings) Required financial and performance reports are submitted late, contain material errors, or do not reconcile to the accounting records. The SF-425 Federal Financial Report is the most commonly cited document — organizations that track federal expenditures in spreadsheets rather than in their accounting system routinely report figures that don’t match their general ledger when auditors request reconciliation.

4. Cash management (14% of findings) Under the Cash Management Improvement Act and 2 CFR 200.305, organizations must minimize the time between drawing down federal cash and expending it. Findings in this category occur when organizations draw advance payments significantly in excess of immediate need, hold cash for extended periods before spending, or cannot document that federal cash was expended within three days of receipt. ARPA-funded programs generated a significant increase in cash management findings in FY2022 because many organizations received large advance payments for multi-year programs.

5. Subrecipient monitoring (11% of findings) Pass-through entities that subaward federal funds to subrecipients are required to monitor subrecipient performance and compliance under 2 CFR 200.332. Findings occur when pass-through entities conduct monitoring informally without documentation, fail to verify that required subrecipient audits have been submitted, or do not follow up on subrecipient findings within required timeframes.

Repeat Finding Rates

The most striking figure in Federal Audit Clearinghouse data is the repeat finding rate. According to the FY2022 summary report, 43% of compliance findings in nonprofit Single Audits are repeat findings — the same finding was identified in a prior audit period and has not been fully resolved.

The repeat rate varies significantly by finding category:

Subrecipient monitoring: 51% repeat rate (the highest of any category)
Allowable costs/cost principles: 47% repeat rate
Activities allowed/unallowed: 38% repeat rate
Reporting: 34% repeat rate
Cash management: 29% repeat rate

The high repeat rate for subrecipient monitoring reflects the difficulty of implementing monitoring systems when the organization’s infrastructure was not built to handle pass-through responsibilities. The high repeat rate for allowable costs reflects the challenge of changing documentation practices across an entire organization — a corrective action plan can describe the required changes, but implementing them consistently requires training, system changes, and management oversight that take more than one audit cycle to embed.

Average Disallowance Amounts

The AICPA Governmental Audit Quality Center’s 2023 Findings Cost Analysis places the average disallowance amount for an allowable costs finding at $23,000–$67,000 per finding, depending on award size and scope of the violation. This range reflects:

Small organizations with awards under $300,000: average disallowance of $8,000–$23,000
Mid-sized organizations with awards of $300,000–$1 million: average disallowance of $23,000–$67,000
Large organizations with awards over $1 million: average disallowance of $67,000–$200,000+

These are average disallowances for findings that result in a determination by the awarding agency. Not all findings result in disallowance — the agency may accept a corrective action plan without requiring repayment — but organizations that have experienced a disallowance report that the financial impact, combined with the staff time cost of the corrective action process, typically ranges from $30,000 to $100,000 in total cost per finding.

Compliance Staffing and Finding Rates

The most actionable benchmark in the sector is the relationship between dedicated compliance staffing and finding rates. The Nonprofit Finance Fund and Association of Nonprofit Accountants and Finance Professionals (ANAFP) joint survey conducted in 2023 found that 68% of nonprofits that receive a compliance finding in their first Single Audit have no dedicated grant compliance staff. In these organizations, grant management — award setup, expense coding review, reporting deadline tracking, funder communication — is handled by the executive director, a program director, or a development associate alongside their primary responsibilities.

The implication is not simply that more staff is better. It is that grant compliance requires dedicated attention at specific points in the award cycle — initial budget setup, monthly expense review, quarterly financial reporting, and close-out documentation — and when that attention is distributed across staff with other primary responsibilities, compliance gaps accumulate invisibly until an auditor identifies them.

Grants Management Software and Compliance Outcomes

The Urban Institute Center on Nonprofits and Philanthropy’s Grant Management Practices Survey 2023 found a 22-percentage-point difference in compliance finding rates between organizations using dedicated grants management software and those tracking grants in spreadsheets, after controlling for organization size and grant portfolio complexity.

Specifically:

Organizations using dedicated grants management software: 18% compliance finding rate in their most recent audit
Organizations tracking grants in spreadsheets: 40% compliance finding rate in their most recent audit

The mechanism is not simply that better software prevents findings — it is that software creates visibility. Organizations using dedicated software can see at any time whether expenditures against a specific award are within approved budget categories, whether reporting deadlines are approaching, and whether cash drawdowns are consistent with program spending. Spreadsheet-based tracking creates this visibility only when someone updates the spreadsheet — which, under operational pressure, is often not current enough to prevent compliance gaps.

Implications for Grant Managers

Three benchmark thresholds are worth tracking against your own compliance posture:

First, your organization’s allowable costs documentation rate: if your grants manager cannot produce supporting documentation for 100% of transactions charged to federal awards on demand — without a search — your documentation protocol has gaps that will produce a finding.

Second, your reporting reconciliation: if your SF-425 submissions are prepared from spreadsheets rather than directly from your accounting system, reconcile them before submission and retain the reconciliation documentation. The reporting finding category is almost entirely a reconciliation problem.

Third, your subrecipient monitoring documentation: if your organization passes federal funds to subrecipients, your monitoring visits and desk reviews must produce written records that would satisfy an auditor’s evidentiary standard. An email exchange is not documentation; a signed monitoring checklist with follow-up correspondence is.

Free resource

Get the Nonprofit Grant Compliance Checklist

A practical checklist for post-award grant compliance: restricted funds, reporting cadence, audit prep, and common failure points. Delivered by email.

Frequently asked

Frequently Asked Questions

What is the most common cause of allowable cost findings in nonprofit Single Audits?

The most common root cause of allowable cost findings — the leading finding category for five consecutive fiscal years per Federal Audit Clearinghouse data — is inadequate or missing documentation for costs charged to federal awards. Under 2 CFR 200.302, organizations must maintain records that identify the source and application of funds for federal awards, including costs charged and indirect cost recovery. When auditors request support for a sample of transactions and the organization cannot produce time-and-effort documentation for personnel costs, vendor invoices for supply purchases, or competitive procurement records for contracts, those costs are disallowed. The finding is not usually about costs being unreasonable — it is about costs being unsubstantiated. The fix is a documentation protocol, not a new accounting methodology.

What counts as adequate subrecipient monitoring?

Under 2 CFR 200.332, pass-through entities are required to: evaluate each subrecipient's risk before the award is made, monitor subrecipient activities during the award period, perform on-site reviews or desk reviews for high-risk subrecipients, verify that required subrecipient audits have been obtained and reviewed, and take action when subrecipient performance or compliance is inadequate. 'Adequate' monitoring is documented monitoring — a desk review or site visit that produced a written report, a checklist of the compliance requirements reviewed, and documented follow-up on any issues identified. The most common subrecipient monitoring finding is not that the pass-through entity failed to monitor entirely, but that it conducted informal monitoring without documentation that would satisfy an auditor's evidentiary standard.

How do you calculate the disallowance risk for a grant compliance finding?

Disallowance risk is calculated by multiplying the dollar value of transactions in the questioned category by the probability of disallowance based on finding type. For allowable cost findings, auditors typically sample a subset of transactions and extrapolate findings to the full population. If an auditor samples 25 transactions totaling $50,000 and finds $8,000 of questioned costs (16%), they may extrapolate that $16,000–$24,000 of the full direct cost pool for that award is at risk. Not all questioned costs result in disallowance — the federal awarding agency reviews the audit findings and makes a final determination — but organizations should treat questioned costs as probable disallowances in their financial planning. Organizations with questioned costs on open awards must often set aside reserves until the determination is final, which can take 12–18 months.