Accounting for Shuttered Venue Operators Grants

By Tammy Ricciardella, CPA


On Dec. 27, 2020, the Economic Aid to Hard-Hit Small Businesses, Nonprofits and Venues Act (the Act) became law as a part of the Consolidated Appropriations Act, 2021 (CAA). The American Rescue Plan Act also provides $16 billion in grants to shuttered venues, to be administered directly by the Small Business Administration’s (SBA) Office of Disaster Assistance.

The SBA has issued guidance that is available on its site as of July 22, 2021. Recipients of this funding should refer to the site often as additional information is expected to be released as the program is developed. Included in the SBA information is a very extensive list of Frequently Asked Questions related to the Shuttered Venue Operators Grant (SVOG) (last updated July 22, 2021 as of the date of this article). Please refer to the SBA Frequently Asked Questions (FAQs) and other information for more detailed answers to questions about the program.

Under the terms of the SVOG recipients are not required to repay the funding as long as funds are used for eligible uses as defined in the guidance by the dates specified by the program.

Nonprofit Accounting for an SVOG

The AICPA recently issued nonauthoritative guidance that recipients should consider in determining the accounting treatment for an SVOG. This Technical Question and Answer (TQA) applies to both nonprofit entities and private business entities.

The TQA notes that nonprofit entities should account for the SVOG as a government grant in accordance with the “contributions received” subsections of the Financial Accounting Standards Board (FASB) Accounting Standards Codification (ASC) 958-605, Not-for-Profit Entities – Revenue Recognition. Under this guidance, an entity must first determine if a contribution is conditional or unconditional. If a recipient is required to meet conditions imposed by the government to be entitled to receive or keep the funds, then the contribution is conditional. The recognition of contribution revenue is then deferred until the conditions are substantially met or explicitly waived. As a reminder, an entity cannot factor in the likelihood that the condition will be met in determining whether a grant is conditional or unconditional.

Under the SVOG, since entitlement to the payments from the SBA is conditioned upon having incurred eligible expenses there is deemed to be a barrier to entitlement. Also, under the SVOG noncompliance with the terms and conditions is grounds for the SBA to recoup the funds so there is deemed to be a right of return. Based on these two facts, the SVOG would be considered a conditional contribution under FASB ASC 958-605. Therefore, contribution revenue would be recognized only to the extent that eligible expenses have been incurred at that date.

Each nonprofit that receives an SVOG will need to evaluate its individual facts and circumstances in determining the extent to which conditions have been substantially met at a given reporting date. Payment amounts received that exceed recognizable contribution revenue would be reported as a refundable advance in the liability section of the statement of financial position. This is based on the fact that entitlement to the funds is conditioned on eligible expenses that are expected to be incurred in subsequent accounting periods.

To the extent a nonprofit determines that conditions have been met and have recognized contribution revenue it will also need to consider whether there are restrictions imposed by the government on the use of these funds. Since under the SVOG, payments can only be used for eligible expenses as defined by the SBA, these funds would also be considered to be donor restricted. Due to the relationship of the conditions and the restrictions, meaning both are hinged on eligible expenses being incurred as defined by the SBA, these would likely be satisfied simultaneously. However, each nonprofit entity has to make this assessment for its specific facts and circumstances.

If a nonprofit entity deems that the condition and restriction are satisfied simultaneously, the entity would record the contribution revenue in net assets with donor restrictions with a reclassification to net assets without restrictions to reflect the satisfaction of the donor restriction in its statement of activities. If the nonprofit entity has elected and disclosed one of the simultaneous release accounting policy options as outlined in FASB ASC 958-605-45, it could report contribution revenue directly in net assets without donor restrictions.

If a for-profit business entity receives an SVOG it should refer to the TQA for the guidance options that are outlined specifically for business entities for more information.

Single Audit Impact

Per the website, Assistance Listing 59.075, an SVOG is subject to a single audit under the Uniform Guidance if the nonprofit entity receiving the funds has total federal expenditures in the fiscal year under audit in excess of the $750,000 threshold.

The website also notes “that if the awardee is a for-profit entity, subparts A through E of the Uniform Guidance are not required and will not be applied. SBA will, however, comply with any audit requirements in subpart F that apply to the for-profit community.” The AICPA Governmental Audit Quality Center currently has an inquiry into the Office of Management and Budget (OMB) and the SBA about the meaning of this statement as it relates to for-profit entities. Stay tuned for more information on this topic on both the OMB and SBA websites.


Copyright © 2021 BDO USA, LLP. All rights reserved.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Fall 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Higher Education in the U.S. – Rising Costs, Enrollment Challenges and the Need for Innovative Solutions

By David Clark, CIA, CFE, CRMA, Seth Miller Gabriel, Umer Yaqub

The higher education landscape has changed over the last few decades, with increasing concern regarding declining enrollment and institutions’ ability to drive revenue by attracting and retaining students at levels necessary to support operations. The impact of COVID-19 on colleges and universities has hastened this transformation. Demographic changes, policy changes, rising operational costs and a shifting cost/revenue model have resulted in many institutions facing the very real prospect of closing their doors. Out of this new reality, higher education institutions are seeking innovative ideas to balance budgets and address these unprecedented challenges.

The downturn in higher education enrollment has been forecast for many years. Lower birth rates have been driving down the overall student applicant pool by 2.6 million, or 13 percent, for a decade. The number of college-aged students is expected to drop even more as American families get smaller and the full impact of COVID-19 on the nation’s birth rate is realized. At the same time, the number of international students attending U.S. institutions has also decreased, as tighter visa polices have been established and universities around the world have become increasingly competitive. Lastly, increasing costs of attendance and ballooning levels of student loan debt have many potential applicants questioning the value and need for a “traditional” college education, especially in the face of evolving norms around virtual learning. Rising costs for colleges and universities

As the number of tuition-paying students has decreased, the cost of attracting those students and operating a college campus has increased. Over the last few decades, many colleges have invested in new dormitory, athletic and student center facilities in hopes of enrolling more students. This has come at a cost, not only in terms of construction but also in terms of redirecting investments (such as the maintenance of existing buildings) to these new facilities. Other costs have also increased—including salaries for professors and other staff and the bill for healthcare and other benefits—all while institutions are faced with the very real need to lower tuition costs to support access to higher education.

COVID-19 accelerated these negative economic factors for many schools. Having students attend courses online rather than in person resulted in dormitory rent incomes falling, meal plan cancellations and bookstores closing. Other high-dollar revenue centers like ticket sales for sports events and parent spending during campus visits dried up. This lack of income did not stop personnel costs, building costs (even a closed building costs money to maintain) and debt service costs (as many colleges took loans for those buildings) from continuing.

How public-private partnerships can help

Innovative project delivery, including public-private partnerships (P3s), have the potential to provide institutions with more options when facing changing financial needs, especially related to physical infrastructure. These partnership options can range from changing lightbulbs to relocation of campuses. Energy savings performance contracts (ESPCs), such as one with a private partner designing, installing, financing and maintaining the move to energy efficient LEDs, are one of the easiest solutions for a college to lower its annual expenses. Building maintenance can be transferred to a private partner for decades based on a set availability payment, or an entire campus can be transferred via a sale-leaseback agreement. These structures allow a college or university to address its maintenance backlog (or the maintenance that should have been done to campus buildings and is now a major financial liability) and return its focus to the core mission – education.

The involvement of private investment can also allow for a focus on new, non-education direct revenue for colleges or universities. A P3 structure could allow a college or university to activate unused or underused real estate to generate needed income. Possible projects include developing and operating data centers and lifelong learning communities on campus. These new facilities can also have the added benefit of providing needed internship and career opportunities for students, as well as engaging alumni.

Hope for the future of higher education

From lower enrollment to higher costs, the landscape of higher education is evolving and presenting financial pressures that many institutions have struggled to contend with. While the near and long term remain uncertain, innovative project delivery, optimized long-term facility management and public-private partnerships offer a clear and brighter path forward.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Fall 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Top Considerations for the Nonprofit Sector

By Divya Gadre, CPA

Since navigating the headwinds of the past year, nonprofit organizations have reimagined their operations to maintain relationships with donors, volunteers and the communities they serve while discovering new means to protect mission funding. Even so, the impacts of the pandemic and calls to further social justice work won’t subside overnight, leaving many organizations continuing to reassess their processes, approaches and impact.

In this article we outline five considerations nonprofits are contending with and how organizations can approach them:

  1. COVID-19 Relief Funds

Since the outbreak of the COVID-19 global pandemic, some nonprofit organizations have benefited from different types of federal financial aid. These include the Paycheck Protection Program (PPP), Economic Injury Disaster Loans (EIDL) and the Main Street Lending program advances and loans, the Higher Education Emergency Relief Fund (HEERF), the Employee Retention Credit (ERC), the Families First Coronavirus Response Act (FFCRA) which paid sick and child care leave and related federal tax credits, shuttered venue relief, special relief for hospitals and healthcare providers, and the ability to defer certain federal payroll deposits interest free. To ensure compliance, nonprofits should consider the following questions:

  • Is your organization covering the same cost by two sources of stimulus funding?
  • Are your costs and stimulus aid accounted for appropriately? Consider whether the funding is a loan or revenue, and investigate potential debt covenant implications. Be mindful of maintaining appropriate controls to process your funding and complying with the specific requirements related to your federal assistance, such as the single audit.

Organizations should involve auditors, bankers and key board members in discussions around managing and abiding by the various requirements of pandemic-related federal financial aid. Nonprofits should be cognizant of any federal program rules (which frequently change) and should be sure to document the organization’s compliance with those requirements.

  1. New Accounting Standards

The Financial Accounting Standards Board (FASB) Accounting Standards Update (ASU) 2016-02, Leases, is now effective for many nonprofit organizations. The impacts of adopting ASU 2016-02 include:

  • Lease arrangements have to be classified as either finance leases or operating leases.
  • The right-of-use asset model, which shifts from the risk-and-reward approach to a control-based approach.
  • Lessees will recognize an asset on the statement of financial position, representing their right to use the leased asset over the lease term and recognize a corresponding lease liability to make the lease payments.
  • The lease liability is based on the present value of future lease payments using a discount rate to determine the present value based on the rate implicit in the lease, if readily determinable, or the lessee’s incremental borrowing rate.

To prepare, organizations should discuss the new lease standard with their accounting advisors and evaluate the impact the standard will have on all facets of the organization’s leasing activities. Organizations should also identify and classify all leases based on the criteria in the ASU, and prepare financial statements based on the guidance. The organization should determine if the impact of adopting the standard causes any potential issues with meeting current debt covenants. Lastly, organizations should review current lease disclosures and update them to meet the ASU’s criteria.

The FASB issued ASU 2020-07, Presentation and Disclosures by Not-for-Profit Entities for Contributed Nonfinancial Assets, to increase the transparency of the presentation and disclosure of these items. Important items to note are:

  • The ASU should be applied retrospectively to all periods presented and is effective for annual reporting periods after June 15, 2021 and interim periods within annual periods after June 15, 2022. Early adoption is permitted.
  • The ASU requires that contributed nonfinancial assets be presented as a separate line item in the statement of activities, apart from contributions of cash and other financial assets.
  • The ASU outlines specific disclosures related to contributed nonfinancial assets that organizations will have to add to their financial statements.

To prepare, organizations should discuss this new standard with their accounting advisors and evaluate the impact the standard will have on the presentation and disclosure of contributed nonfinancial assets.

  1. Cybersecurity and Breaches

As many nonprofits have moved to adopt a fully remote or hybrid work environment, there are significantly more employees working from home, using personal devices, internet providers and cybersecurity practices that likely aren’t as robust as an organization’s systems. As a result, there has been an increase in cybercrime, and these occurrences are only expected to continue to rise as bad actors become more advanced. This is especially harmful to nonprofits because of the sensitive information they may have in their records pertaining to staff and the communities they serve. A breach could present significant reputational risk and damage future fundraising efforts and partnerships.

For this reason, it’s imperative that nonprofits prioritize risk management to implement procedures to safeguard against cyberattacks as well as prepare their organizations to respond to a cyber breach. Organizations should develop a robust plan and implement procedures to guide the steps the organization will undertake if a breach were to occur.

  1. Sudden Increased Use of Technology

For some organizations, remote work has highlighted their reliance on manual workflows. Certain internal processes that worked before, such as cross-organization collaboration in communal workspaces and in-person reviews of invoices, are no longer the status quo.

As a result, organizations should reassess systems, controls and processes from a remote work point of view and develop a plan to share with management and board members/committees. The plan should reflect the organization’s goals for adopting technology across departments, a funding plan and actionable steps to facilitate implementation.

  1. Diversity, Equity and Inclusion (DEI)

The events of the past year have drawn heightened attention to organizations’ social impact, and nonprofits should carefully consider their organizational approach to DEI. Begin with an exploration of these terms and define what they mean for your organization and its mission. Consider the following questions:

  • Is your organization prepared to be transparent about the steps it is taking to become more diverse and encourage inclusive practices? How does your organization communicate its values to the public and new or existing staff and volunteers?
  • Does your nonprofit create opportunities to listen to the voices directly from community, grassroots or young leaders in low-income, underserved and/or marginalized populations?
  • How can your nonprofit open its board recruitment and staff hiring pipeline to talented candidates from underrepresented groups?
  • How can your organization work with existing and future collaborative and community partners to ensure they share similar values and approaches to DEI? Are you having these conversations at the onset of new partnerships?
  • How will your nonprofit assess the progress you are making toward your goals? What will success look like?

No matter what stage your organization is in with regard to a DEI strategy, you should ensure that it’s ingrained seamlessly in all processes. Organizations can broaden their view by relying on experts, board members and external consultants, to brainstorm the most impactful approach.

As we emerge from the pandemic, the nonprofit landscape will continue to evolve. To support operational sustainability and social justice work, it’s imperative for organizations to monitor how these considerations impact their mission and processes, and their ability to remain agile enough to adapt to change.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Fall 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

OMB Issues the 2021 Compliance Supplement

By Tammy Ricciardella, CPA

On August 12, 2021, the Office of Management and Budget (OMB) issued the 2021 Compliance Supplement (Supplement). The Supplement is effective for audits of fiscal years beginning after June 30, 2020. The Supplement can be accessed on the OMB website.

There are numerous changes in the Supplement this year that will be important for those with federal funding to focus on. Some highlights are as follows:The Supplement is issued annually to assist auditors by providing a source of information related to various federal programs and assist with the identification of compliance requirements. However, auditees, both for-profit and nonprofit, should be familiar with the content included in the Supplement as it relates to their federal funding. The Supplement includes information related to the Provider Relief Fund, Coronavirus Relief Fund (CRF) and Education Stabilization Fund (ESF) among many others.

Part 2, Matrix of Compliance Requirements, is important to review to determine the programs included in the Supplement and the compliance requirements that will be subject to audit. Although auditees need to ensure they comply with all requirements of their agreements from the federal agencies and pass-through entities, the Supplement is helpful to see which compliance areas will be subjected to audit for their major programs.

Part 3, Compliance Requirements, has been updated to reflect the August 2020 Uniform Guidance revisions. In addition, the section for the reporting compliance requirement has been updated to reflect changes to the Federal Funding Accountability and Transparency Act (FFATA) that is applicable for certain major programs. Auditees should be aware of these requirements to ensure they are in compliance with the FFATA reporting.

Part 5, Student Financial Assistance, has been updated significantly to reflect numerous compliance requirement changes.

All recipients with federal funding should read Appendix V, List of Changes for the 2021 Compliance Supplement, and Appendix VII, Other Audit Advisories. Appendix V lists the changes to the programs that were made in the Supplement and Appendix VII focuses on additional guidance on COVID-19 funding and other matters. Appendix VII contains a definition of COVID-19 funding and makes it clear that only funding from one of the following federal programs that was received by an entity as a new program or funding to an existing program meets the definition of COVID-19 funding referred to throughout the Supplement:

  • Coronavirus Preparedness and Response Supplemental Appropriations Act
  • Families First Coronavirus Response Act
  • Coronavirus Aid, Relief, and Economic Security Act (CARES Act)
  • Coronavirus Response and Relief Supplemental Appropriations Act (CRRSAA)
  • American Rescue Plan (ARP)

Appendix VII also outlines how to reflect donated personal protective equipment (PPE) on the Schedule of Expenditures of Federal Awards (SEFA). If an entity received donations of PPE without any compliance or reporting requirements or Assistance Listings (formerly CFDA) from donors, these should be shown at the fair market value at the time of receipt as a stand-alone footnote accompanying the SEFA. In addition, the amount of donated PPE should not be included for purposes of determining if the entity has met the threshold for a single audit.

However, if an auditee receives funds provided under an Assistance Listing, either from a federal agency directly or a pass-through entity, to purchase PPE these amounts would be included in expenditures on the SEFA.

Appendix VII reminds entities acting as a pass-through entity when awarding COVID-19 funds to subrecipients to be sure they are documenting at the time of the subaward the fact that the funds are COVID-19 funds and providing the Assistance Listing number and the dollar amount of COVID-19 funds.

Subsequent to the release of the Supplement, OMB has announced that they plan to issue two Addenda. The first Addendum is to be issued in early Fall and likely include the Coronavirus State and Local Fiscal Recovery Fund (Assistance Listing 21.027) and updates to the Education Stabilization Fund (Assistance Listing 84.425). The second Addendum is to be issued later in the Fall. The second Addendum is expected to include the following three Treasury programs: Capital Projects Fund (no Assistance Listing yet); Homeownership Assistance Fund (Assistance Listing 21.026); and the Local Assistance and Tribal Consistency Fund (no Assistance Listing yet). The second Addendum may include additional new programs.

OMB will post the Addenda to the website when available. The Addenda will not be posted to the OMB website; however, OMB will be responsible for reviewing the Addenda prior to issuance and they will be considered an official part of the 2021 OMB Compliance Supplement.

Appendix IV, Internal Reference Tables, lists all COVID-19 programs arising from the COVID-19 funding listed earlier that have been identified as “higher risk.” The designation of “higher risk” programs from the ARP have not been made yet, so stay tuned for any communication of these in the forthcoming Addenda. The Medicaid cluster continues to be designated as “higher risk” as in prior years.

Programs Designated as Higher Risk per Appendix IV
Agency Assistance Listing (CFDA) Number Title
HHS 93.778/93.777/93.775 Medicaid Cluster
HHS 93.498 Provider Relief Fund
HHS 93.461 Testing for the Uninsured
Transportation 20.106 Airport Improvement Program
Transportation 20.500/20.507/20.525/20.526 Federal Transit Cluster
Treasury 21.019 C cronavirus Relief Fund
Treasury 21.023 Emergency Rental Assistance (This program, was established by the CRRSAA, was not included in the Supplement. )
Education 84.425 Education Stabilization Fund

The designation of these new programs as “higher risk” in the Supplement may result in additional programs being identified as major programs by your auditors in the single audit. Auditees should be aware of this effect and be prepared for this reality. This will mean that additional documentation and support may be required by the auditors.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Fall 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Provider Relief Fund Updated Single Audit Requirements

By Carla DeMartini, CPA

What is the Provider Relief Fund?

The Provider Relief Fund (PRF) is the federal program issued under the Coronavirus Aid, Relief, and Economic Security (CARES) Act aimed at supporting eligible health care providers in the battle against the COVID-19 pandemic. The PRF is administered by the Health Resources and Services Administration (HRSA). PRF provides relief funds to eligible providers of health care services and support for health care-related expenses or lost revenues attributable to the coronavirus.

There has been considerable time spent by the U.S. Department of Health and Human Services (HHS) in determining how to manage these funds and the timing and nature of audit procedures that would be applicable to these funds. The 2021 Office of Management and Budget Compliance Supplement (Supplement) includes a section on the PRF funds in Part 4, Agency Program Requirements (Assistance Listing 93.498). This section addresses many of the questions related to how and when to report PRF expenditures and lost revenues in both the HRSA reporting portal and on the Schedule of Expenditures of Federal Awards (SEFA).

Key Highlights

Eligible Expenses Timeline

PRF recipients must use payments only for eligible expenses including services rendered, and lost revenues during the period of availability, as outlined in the table below. Providers must use a consistent basis of accounting to determine expenses. PRF recipients may use payments for eligible expenses incurred prior to receipt of those payments (i.e., pre-award costs) dating back to Jan. 1, 2020, so long as they are to prevent, prepare for, and respond to the coronavirus.

SEFA reporting amounts for PRF, including expenditures and lost revenues, are based upon the PRF report that is required to be submitted to the Provider Relief Fund Reporting Portal.

The table below outlines the deadline to use PRF funds and the timing of when to report expenditures on the HRSA portal. This table is excerpted from Part 4 of the Supplement for Assistance Listing 93.498, Provider Relief Fund.


Payment Received Period 

(Payments Exceeding $10,000 in Aggregate Received)

Deadline to Use Funds PRF Portal Reporting Time Period
Period 1 From April 10, 2020 to June 30, 2020 June 30, 2021 July 1, 2021 to September 30, 2021 (HHS has announced there is a 60-day grace period)
Period 2 From July 1, 2020 to December 31, 2020 December 31, 2021 January 1, 2022 to March 31, 2022
Period 3 From January 1, 2021 to June 30, 2021 June 30, 2022 July 1, 2022 to September 30, 2022
Period 4 From July 1, 2021 to December 31, 2021 December 31, 2022 January 1, 2023 to March 31, 2023

Single Audit and SEFA Considerations

Since the PRF amounts to be reported on a recipient’s SEFA are based on the PRF report that is required to be submitted to the HRSA reporting portal and, due to the fact that the PRF report must be tested by the auditors as part of their testing on the reporting compliance requirement under the Supplement, the timing of the single audit needs to be based on when the recipient has filed the required HHS PRF report.

Thus, for single audits of fiscal year ends (FYEs) prior to June 29, 2021, PRF expenditures and lost revenues should be excluded from the SEFA.  For FYEs on or after June 30, 2021, single audits should be delayed until recipients have completed the reporting in the PRF reporting portal.

Summary of SEFA Reporting of PRF for FYEs Covered by the Supplement

For a FYE of June 30, 2021, and through FYEs of Dec. 30, 2021, recipients should report in the SEFA, the expenditures, and lost revenues from the Period 1 PRF report.

For a FYE of Dec. 31, 2021, and through FYEs of June 29, 2022, recipients should report in the SEFA, the expenditures, and lost revenues from both the Period 1 and Period 2 PRF reports.

For FYEs on or after June 20, 2022, SEFA reporting guidance related to Period 3 and Period 4 is expected to be provided in the 2022 OMB Compliance Supplement.

Defining the Entity to be Audited

The reporting entity required for PRF reporting purposes may not align to the reporting entity as defined for financial reporting purposes. It is important to note that the required PRF level of reporting has no bearing on the application of the requirements of 2 Code of Federal Regulations 200.514 for defining the entity to be audited for single audit purposes. Therefore, for single audits that include PRF, the single audit must cover the entire operations of the auditee, or, at the option of the auditee, such audit must include a series of audits that cover departments, agencies and other organizational units that expended or otherwise administered federal awards during such audit period, provided that each such audit must encompass the financial statements and SEFA for each such department, agency and other organizational unit, which must be considered to be a nonfederal entity.

The Supplement notes that as a best practice, recipients of PRF may wish to include a footnote disclosure in the SEFA to identify which providers by Taxpayer Identification Number (TIN) are included in the audit.

Audits of For-Profit Recipients of PRF

The AICPA Governmental Audit Quality Center (GAQC) is still trying to determine the impact and relevance of the above guidance on for-profit recipients related to PRF funding. The GAQC has emphasized to HHS the need for such guidance, and they believe that HHS will be developing additional guidance to address for-profit considerations.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Fall 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Revisions to the Uniform Guidance Affecting Recipients

By Tammy Ricciardella, CPA

On Aug. 13, 2020, the Office of Management and Budget (OMB) issued Final Guidance on amendments to the OMB Guidance for Grants and Agreements (Uniform Guidance). This reflects the first revisions to this guidance since they were originally issued in 2013. The impact from these revisions range from minor and unique circumstances to large-scale changes that affect all recipients. Thus, if you receive federal funding, it is important that you review the OMB revisions in their entirety to ensure you are familiar with these changes and implement necessary changes to your systems and provide appropriate training to your grants management and accounting personnel.

The revisions are generally effective for new awards issued on or after Nov. 12, 2020.

Following is a high level summary of certain of the noteworthy administrative type changes:

  • 2 CFR 200.414(f) De Minimis Rate – this section permits entities with negotiated indirect cost rate agreements (NICRA) that have expired to use the 10% de minimis rate to calculate indirect costs.
  • 2 CFR 200.414(h) Publication of NICRAs – this is a new section that requires certain information related to NICRAs to be collected and displayed on a public website. The information is limited to the indirect negotiated rate, distribution base and the rate type.
  • 2 CFR 200.322 Domestic Preferences – this section encourages recipients to “maximize use of goods, products and materials produced in the United States.”
  • 2 CFR 200.320 Methods of Procurement – this section was amended to reflect the revised thresholds for micro-purchases at $10,000 and the simplified acquisition threshold at $250,000. This also permits recipients to request higher micro-purchase thresholds up to $50,000 from the agencies.
  • 2 CFR 200.244 Closeout – OMB revised the time period for recipients to submit closeout reports and liquidate all financial obligations from 90 days to 120 days.

There were also certain clarifications of existing provisions that were made to provide clarity related to a pass-through entity’s responsibilities. These revisions clarified that:

  • Pass-through entities are responsible for addressing only a subrecipient’s audit findings specifically related to its award.
  • OMB directs pass-through entities to use a subrecipient’s NICRA but, if none exists, the parties are to either negotiate a rate, use the de minimis rate, or subrecipient may use the cost allocation method to account for indirect costs.

As part of the update the provisions of the National Defense Authorization Act for FY 2019 was incorporated which prohibits the obligation or expenditures of federal funds and awards for the use of “covered telecommunications equipment or services.” (See 2 CFR 200.216) This prohibition is effective Aug. 13, 2020.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Spring 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Nonprofit Data Breach Vulnerabilities and How to Avoid Them

By Mike Lee, CIPM, Alexandre Chanoine, J.D. and Derrick King

As more people are shifting to digital lifestyles and remote operations, data is being passed through the internet now more than ever. Proportionate to this, however, are the opportunities for potential compromise of the data, particularly via a data breach. Data breaches are the unauthorized access or disclosure of data for other than authorized and intended purposes. Nonprofit organizations, regardless of size, can be susceptible to a data breach as most accept and facilitate donations, which typically require the collection, processing, and maintenance of financial information. According to the Association of Certified Fraud Examiners 2020 Global Study, nonprofit organizations may be especially vulnerable compared to their for-profit counterparts as resources for privacy/security infrastructure are oftentimes harder to allocate. In recent years, cybercriminals have sought to harvest data for their own gain, targeting nonprofit donor and even employee data systems.

Common Causes of Data Breaches

Data breaches can transpire and come in various forms. Per The NonProfit Times, about 75% of data breaches originate from outside the organization via malicious hackers and phishing activities, while approximately 25% stem from internal sources. The following are some of the most common causes of breaches:

  • Lack of organizational privacy/security infrastructure, which incidentally is the part an organization can control. Privacy practices and controls (whether administrative or technical) may not appear as a high return on investment, but they can and will eventually be a good use of organizational resources. Do not let this be an afterthought.
  • Human error or negligence – everyone has an “oops” moment, whether it’s accidentally sending an email to an unintended recipient, attaching the wrong file or falling for a phishing attack. These are common honest mistakes absent malicious intent and can be remediated through mandatory privacy trainings, privacy awareness campaigns or administrative announcements reminding employees to secure the data they process.
  • Ransomware and phishing attacks can and have been extremely damaging to organizations and individuals. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid to the actor. Phishing is the fraudulent act of sending emails posing to be from a reputable company in order to trick individuals into providing their personal data, such as passwords or credit card information. When in doubt, if something doesn’t appear to be for legitimate purposes or from a legitimate source, defer to your IT and privacy/security personnel.
  • E-commerce hacks can occur if your organization uses an online store as a fundraising tool. Given the volume of payment information collected and stored, this opens up donors’ personal data to compromise if not adequately secured.
  • Despite the move to digital platforms and mediums, stolen hardware and/or physical files can still be compromised. It may be a laptop left in the backseat of a car that was just broken into or data that was physically mailed out without a tracking mechanism and can’t be located. Users should always be cognizant of the data they process and maintain—especially outside of their normal work environment.

Recent Nonprofit Data Breaches

Nonprofit organizations have incurred significant breaches in recent years, both in terms of volume of records compromised, as well financial losses. The following are several examples—each by an external party—with varying results that may be surprising.

  • In May 2019, a New York-based social services agency, suffered a breach of upwards of 1,000 of its clients’ personal data when two of their employees’ email accounts were hacked. Per the organization’s official notice of the incident, the personal data breached may have included full names, addresses, Social Security numbers, financial account information, medical information, health insurance information and/or driver’s license or other government identification numbers. Following initial detection and reporting of the breach, the agency reset the passwords for the hacked accounts.
  • A Connecticut-based charity fell victim to a nearly $1 million cyberscam in May of 2017. Hackers were able to use the email account of a U.S. employee to create false invoices and other documents to trick the organization into sending nearly $1 million to a fraudulent entity in Japan. Unfortunately, by the time the breach was detected, the transfer had already cleared. However, the organization was able to recoup all but $112,000 via its insurance policy.
  • A Charleston, S.C. cloud-based fundraising vendor for nonprofits and educational institutions, incurred a ransomware attack in early 2020 before it was detected in May of the same year. You know how they say, “Never pay the ransom?” The vendor paid the ransom. However, before receiving confirmation that the data had been destroyed, the attackers copied personal data from approximately 6 million clients—including donors, potential donors, patients and other stakeholders. Among the heavily impacted clients were Inova Health, Saint Luke’s Foundation and MultiCare Foundation.

Best Practices to Prevent Data Breaches

Past data breaches suffered by nonprofit organizations provide us with lessons learned, which can then be leveraged into best practices. Consider the following to bolster your organization’s privacy/security framework and minimize exposure to risks:

  • Leverage external resources to identify and cover any privacy/security gaps. Perform a risk assessment to take inventory of what personal data is collected, used and managed to determine the risks associated with possessing the data. Purchasing cyber liability insurance can also help with providing comprehensive risk management insurance, and mitigate the financial impacts of a data breach. (See Mark Millard’s article on page 15 for more information.)
  • Fortify your donation platform’s security. Work with IT, as well as any vendors to comply with applicable privacy/security regulations and standards, such as Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR). These are particularly relevant given the high utilization of credit card information.
  • Regularly review and actively manage users’ access permissions. Monitor and update role-based access for users who have access to data throughout business operations to ensure they only use what they need proportionate to their respective roles. This will also help mitigate the disgruntled former employee breach scenario.
  • Implement data minimization controls, only collecting and processing what information is needed for authorized and legitimate business purposes. Similarly, implement and adhere to a data retention policy, only retaining what is necessary to accomplish the objectives and properly disposing of data when it is no longer needed.
  • Ensure older and sunsetting technologies have been wiped of personal data prior to getting rid of them. Storing data in multiple locations and mediums helps mitigate hardware failure, but they still need to be accounted for prior to retirement.
  • Report breaches, as soon as they are detected. While the point is to mitigate the risks if a breach occurs, the reality is that they are almost unavoidable. It is important to have dedicated incident/breach response policies and procedures, including tabletop activities to prepare for the inevitable breach. (A tabletop activity is a security incident preparedness activity, taking participants through the process of dealing with a simulated incident scenario and providing hands-on training highlighting flaws in incident response planning.)


Data breaches — the causes, impacts and consequences — can be devastating to an organization. As such, it is imperative to be prepared for what is unforeseen but nonetheless predictable. While this may seem daunting, particularly for smaller nonprofits, it should be emphasized that some of the most basic data privacy/security best practices and controls are easy to implement at little to no cost. Overall, the biggest step to be taken in protecting your organization and stakeholders is to make privacy/security a priority. Even without in-house resources, nonprofits can benefit from leveraging external ones to help augment policies and procedures. Preparing for this upfront will save a lot of trouble if a breach occurs.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Spring 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Cares Act Employee Retention Credits for Nonprofit Employers

By Carolyn Smith Driscoll, Gabe Rubio, Brad Poris

Many nonprofit organizations were forced to shutter or temporarily close their operations under a governmental order as a result of the coronavirus pandemic, while others were forced to severely limit their offerings. One way to continue to pursue your organization’s objectives is to ensure that you are still able to function, even if only in a limited capacity. The government has supported nonprofits and the continuation of their services with the passage of the Coronavirus Aid, Relief and Economic Security (CARES) Act in March 2020, which includes the Paycheck Protection Program (PPP) and the Employee Retention Credit (ERC). Under the CARES Act, organizations could take advantage of either the PPP or the ERC, but not both. In welcome news for nonprofit organizations, the Consolidated Appropriations Act, 2021 (Relief Act, signed by former President Trump on Dec. 27, 2020) retroactively eliminates this limitation and extends and enhances the ERC through the first two quarters of 2021. The ERC is one of the most beneficial provisions of the Relief Act relevant to nonprofit organizations. If you did not consider the ERC in 2020, or were not eligible to consider the ERC because you took a PPP loan, the retroactive ability to benefit from both PPP loans and the ERC is a powerful reason to consider the ERC for 2020. Looking ahead to 2021, the enhanced amount of the credit for wages paid during the first two quarters of 2021 provides another compelling reason to consider the ERC.

Yes! Tax-exempt organizations are eligible for the ERC because they are deemed to be engaged in a trade or business regarding the entirety of their operations. Examples of nonprofit organizations that have already taken advantage of the credit are hospitals, schools, museums, performing arts centers and churches.

The ERC is a refundable payroll tax credit for wages paid and health coverage provided by an employer whose operations were either fully or partially suspended due to a COVID-19-related governmental order or that experienced a significant reduction in gross receipts. The ERC can be claimed quarterly to help offset the cost of retaining employees. Employers may use ERCs to offset federal payroll tax deposits, including the employee FICA and income tax withholding components of the employer’s federal payroll tax deposits. Unlike the PPP, which was on a first-come, first-served basis, the ERC can be claimed up to three years from the date in which your quarterly payroll return was filed.

To claim the ERC in any given calendar quarter, nonprofit organizations must meet one of the following criteria during that quarter:
• Operations were fully or partially suspended as a result of orders from a governmental authority limiting commerce, travel or group meetings due to COVID-19; or
• The organization experienced a significant decline in gross receipts during the calendar quarter compared to 2019. Specifically, for 2020, gross receipts for the 2020 quarter decline more than 50% when compared to the same 2019 quarter. Eligibility for the credit continues through the 2020 quarter in which gross receipts are greater than 80% of gross receipts in the same 2019 quarter.
• For 2021, the gross receipts eligibility threshold for employers is reduced from a 50% decline to a 20% decline in gross receipts for the same calendar quarter in 2019, and a safe harbor is provided allowing employers to use prior quarter gross receipts compared to the same quarter in 2019 to determine eligibility.
• Employers not in existence in 2019 may compare 2021 quarterly gross receipts to 2020 quarters to determine eligibility.

Yes! As described above, one of the most favorable provisions in the Relief Act allows taxpayers to receive PPP loans and claim the ERC. This overlap was not permitted when the CARES Act was originally enacted, and organizations in need of cash infusions during 2020 more frequently turned to PPP loans as a source of funds rather than the ERC. Importantly, the Relief Act makes the ability to claim the ERC and receive PPP loans retroactive to March 12, 2020. As a result, organizations that received PPP loans in 2020 (and/or will receive new loans in 2021) can now explore potential ERC credits for 2020 and 2021.

The answer depends on an organization’s employee count. Eligible organizations that are considered “Large Employers” can only claim the ERC for wages paid to employees for the time the employees are not providing services. This aligns with the purpose of the ERC, which is to encourage employers to retain and compensate employees during periods in which businesses are not fully operational.

Smaller eligible organizations may claim a credit for all wages paid to employees. The Relief Act increases the threshold used to determine Large Employer status for 2021 claims to an employee count of more than 500 (for 2020, it is more than 100). This favorable change broadens the number of eligible nonprofit organizations that can claim the ERC for all wages paid to employees, including wages paid to employees who are providing services. Importantly, qualified healthcare expenses count as wages.

INSIGHT: If you furloughed your employees but continue to pay their health insurance, you can claim the ERC. Furloughed employees do not have to receive wages—health care expenses alone qualify as wages for purposes of the ERC.

Large Employer status is determined by counting the average number of full-time employees employed during 2019.

For this purpose, “full-time employee” means an employee who, with respect to any calendar month in 2019, worked an average of at least 30 hours per week or 130 hours in the month. This is the same definition used for purposes of the Affordable Care Act. Importantly, aggregation rules apply when determining the number of full-time employees. In general, all entities are considered a single employer if they are a controlled group of corporations, are under common control or are aggregated for benefit plan purposes.

Organizations that operated for the entire 2019 year compute the average number of full-time employees employed during 2019 by following the steps below:

Step 1: Count the number of full-time employees in each calendar month in 2019. Include only those employees who worked an average of at least 30 hours per week or 130 hours in the month.

Step 2: Add up each month’s employee count from Step 1 and divide by 12.

INSIGHT: Part-time employees who work, on average, less than 30 hours per week are not counted in the determination of Large Employer status. Omitting part-time employees from the computation should result in more nonprofit organizations having 500 or fewer full-time employees and, therefore, being able to claim the ERC for all wages paid to employees in the first two quarters of 2021 (assuming eligibility criteria are met).

No. Simply put, there is no double dipping. Wages used to claim the ERC cannot also be counted as “payroll costs” for purposes of determining the amount of PPP loan forgiveness, and organizations that want to benefit from the ERC and have their PPP loans fully forgiven will need to have sufficient wages to cover both. To the extent an organization does not have sufficient wages, strategic planning will be needed to generate maximum benefits.

SUMMARY OF ERC CHANGES PRIOR LAW 3/13/20 – 12/31/20 NEW LAW: 3/13/20 – 12/31/20 NEW LAW: 1/1/21 – 6/30/21
Interplay with PPP Loan No ERC if a forgiven PPP loan was received Taxpayers that receive a PPP loan can claim the ERC, but double dipping is not allowed.
Maximum Creditable Wages per Employee $10,000 per year $10,000 per quarter
Maximum Credit 50% of eligible wages, up to $5,000 per employee 70% of eligible wages, up to $28,000 per employee
Threshold to be Considered a “Large Employer” (based on average full-time employees in 2019 and considering aggregation rules) More than 100 More than 500


  • Employers that previously reached the credit limit on some of their employees in 2020 can continue to claim the ERC for those employees in 2021 to the extent the employer remains eligible for the ERC.
  • Qualification for employers in 2021 based on the reduction in gross receipts test may provide new opportunities for businesses in impacted industries.
  • Eligible employers with 500 or fewer employees may now claim up to $7,000 in credits per quarter, paid to all employees, regardless of the extent of services performed. This rule previously was applicable to employers with 100 or fewer employees and a maximum of $5,000 in credit per employee per year. Aggregation rules apply to determine whether entities under common control are treated as a single employer.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Spring 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

Provider Relief Funds – Reporting and Audit Requirements

By Carla DeMartini, CPA, Chad Krcil, FHFMA, CHFP, and Venson Wallin, CPA, CGMA, CFE, CHC, FHFMA, CHFP, HCISPP

Through the CARES Act and supplemental funding from the Coronavirus Response and Relief Supplemental Appropriations (CRRSA) Act, the U.S. Department of Health and Human Services (HHS) is in the process of distributing $178 billion to hospitals and healthcare providers on the front lines of the coronavirus response and relief efforts. Qualified providers of healthcare, services and support may receive PRF payments for healthcare-related expenses or lost revenue due to COVID-19. While these distributions do not need to be repaid to the U.S. government, assuming providers comply with the terms and conditions established by HHS, these funds come with unique compliance, reporting and audit requirements that recipients must adhere to once they attest to the receipt of these funds.

Reporting Requirements

On Jan. 15, 2021, HHS released updated guidance on the PRF reporting requirements. Below, we outline what has changed since their last communication on Nov. 2, 2020. This amended guidance is in response to the CRRSA Act, which was passed in December 2020 and added $3 billion to the PRF (increasing the total funding from $175 billion to $178 billion) along with new language regarding reporting requirements.

Please note this is a summary of information and additional detail and guidance can be found in the reporting and auditing FAQ section of

  • On Jan. 15, 2021, HHS announced a delay in reporting of the PRF. HHS has not yet communicated further details on the deadline for this reporting. Recipients of PRF payments greater than $10,000 may register to report on their use of funds as of Dec. 31, 2020 starting Jan. 15, 2021. Healthcare providers should go into the portal, register and establish an account now so that when the portal is open for reporting, they are prepared to fulfil their reporting requirements.
  • Recipients who have not used all of the funds by Dec. 31, 2020, have from January 1 – June 30, 2021 to use the remaining funds. Healthcare organizations will have to submit a second report before July 31, 2021 on how funds were utilized for that six-month period.
  • The new guidelines further define the reporting entity and how to report if there is a parent company with subsidiaries for both General and Targeted Distributions:

Parent organizations with multiple Taxpayer Identification Numbers (TINs) that received General Distributions or TINS that received them from parent organizations can report the usage of these funds even if the parent was not the entity that completed the attestation.

While a Targeted Distribution may now be transferred from the receiving subsidiary to another subsidiary by the parent organization, the original subsidiary receiving the Targeted Distribution must report any of the Targeted Distribution it received that was transferred.

      The new guidance does state that distribution of Transferred Targeted Distributions will likely fall under increased scrutiny through an audit by the Health Resources and Services Administration (HRSA).

  • The calculation of lost revenue has been modified by HHS through this new guidance. Lost revenue is calculated for the full year and can be calculated using one of the following methods:

      Difference between 2019 and 2020 actual patient care revenue. The revenue must be submitted by patient care mix and by quarter for the 2019 year.

      Difference between 2020 budgeted and 2020 actual patient care revenue. The budget must have been established and approved prior to Mar. 26, 2020. This budget, as well as an attestation from the CEO or chief financial officer that it was submitted and approved prior to Mar. 26, 2020, will have to be submitted.

      Reasonable method of estimating revenue. An explanation of the methodology, why it is reasonable and how the lost revenue was caused by coronavirus and not another source will need to be submitted.

  • Recipients with unexpended PRF funds in full after the end of calendar year 2020, have an additional six months to utilize remaining funds for expenses or lost revenue attributable to coronavirus in an amount not to exceed the difference between:

      2019 quarter one to quarter two and 2021 quarter one to quarter two actual revenue,

      2020 quarter one to quarter two budgeted revenue and 2021 quarter one to quarter two actual revenue.

Audit and Compliance Requirements

Based on current information from HHS, provider relief funds are also subject to audit if more than $750,000 has been expended during an entity’s fiscal year.

Over the next two years, many entities, which have received PRF exceeding the $750,000 threshold, may require an audit for the first time. For nonprofit, for-profit and government entities, this would result in a Single Audit under the Office of Management and Budget’s (OMB) Uniform Administrative Requirements, Cost Principles and Audit Requirements for Federal Awards (Uniform Guidance). A program-specific audit option may also be available under 2 Code of Federal Regulations (CFR) 200 Subpart F Section 200.501(c), if an auditee expends federal awards under only one federal program (excluding Research and Development). HHS has also noted that for-profit entities that received these funds have a third option, which would be a financial audit under Generally Accepted Government Auditing Standards (GAGAS) also referred to as the Yellow Book. There is still pending guidance from HHS around this third option in the areas of expenditures versus receipts, disclosures and timing of the report. However, what is fairly certain is that this type of audit would be conducted under Section AU-C 805, Special Considerations- Audits of Single Financial Statements and Specific Elements, Accounts or items of a Financial Statement, and will require the inclusion of a Statement of Costs and Lost Revenues in relation to any HHS federal awards.

Additionally, there may be some confusion and uncertainty among recipients who require a Single or program-specific audit for the first time. These auditees may be unfamiliar with audit expectations and preparations that need to take place in order to respond to federal compliance requirements. Determination of what should be reported on the schedule of expenditures of federal awards (the SEFA) may be challenging at first, especially since federal guidance surrounding the PRF has been continuously evolving.

There are some timing nuances and questions on what amounts (i.e., expenditures and lost revenues) should be reported for PRF (CFDA 93.498) on the SEFA by recipients for fiscal year-ends prior to Dec. 31, 2020. The “Other Information” section in the PRF section of the OMB Compliance Supplement Addendum (Addendum) issued on Dec. 22, 2020 addresses this by stating that “PRF expenditures and lost revenue will not be included on SEFAs until Dec. 30, 2020 year-ends and later.” Rather, for fiscal years ended earlier than Dec. 30, 2020, recipients will report the 2020 93.498 expenditures and lost revenue in the 2021 audit. Keep in mind that this timing provision only affects the PRF program and is not applicable to other COVID-19 funding that healthcare entities may have received such as CFDA 93.461, COVID-19 Testing for the Uninsured or CFDA 93.697, COVID-19 Testing for Rural Health Clinics. For fiscal years ended Dec. 30, 2020 and later, the amounts reported on the SEFA (expenditures and lost revenue) should match the amounts submitted in the calendar year-end reporting required to be made directly to the HHS portal.

The deadline for the submission of the Single Audit reporting package to the Federal Audit Clearinghouse (FAC) is within the earlier of 30 calendar days after the single audit report’s issuance, or nine months after year end. However, per OMB Memo M-21-20 issued Mar. 19, 2021 an extension has been provided  that permits recipients and subrecipients that have not filed their single audit as of Mar. 19, 2021 that have fiscal year ends through June 30, 2021, to delay the completion and submission of the single audit reporting package to six months beyond the normal due date.  There is no requirement for individual recipients and subrecipients to seek approval for the extension, but recipients and subrecipients should maintain documentation of the reason for the delayed filing.

Next Steps for PRF Recipients

In the wake of this new guidance, PRF recipients should take the following steps:

  • Register in the HHS portal and establish an account as soon as possible.
  • Revisit lost revenue calculations to determine if current methodology is appropriate or if an updated methodology would be more appropriate under the new guidance.
  • Understand the ability to transfer General and Targeted distributions and the impact on reporting of these funds.
  • Develop reporting procedures for lost revenue and increased expense for reporting in the HHS portal.
  • Confirm whether your organization is subject to the single audit.
  • Review audit and compliance requirements that pertain to your organization.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Spring 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.

IRS Issues Final Regulations on UBTI “Silos”

By Marc Berger, CPA, JD, LLM

On Dec. 2, 2020 the U.S. Treasury and IRS published final regulations under Internal Revenue Code (IRC or Code) Section 512(a)(6), the provision requiring tax-exempt organizations with more than one unrelated trade or business to calculate unrelated business taxable income (UBTI) separately with respect to each trade or business. The provision, which was added to the Code by the 2017 tax law often referred to as the Tax Cuts and Jobs Act (TCJA), is known as the UBI “Silo” provision. The final regulations provide guidance on how an exempt organization determines if it has more than one unrelated trade or business and, if so, how the organization calculates UBTI under Section 512(a)(6).

The final regulations generally follow the approach taken in the proposed regulations (issued in April 2020), while making a few modifications based on comments received from tax-exempt organizations and practitioners.

Identifying Separate Unrelated Trades or Businesses

Similar to the proposed regulations, most unrelated business activities must be classified using the first two digits of the North American Industry Classification System (NAICS) code that most accurately describes the trade or business. The IRS considered one commenter’s view that the NAICS 2-digit codes be used as a safe harbor and that a facts and circumstances test be applied as the primary method of identifying separate unrelated trades or businesses. In rejecting that suggested change the IRS noted that adopting a facts and circumstances test would offer exempt organizations less certainty and likely result in inconsistency among exempt organizations conducting more than one unrelated trade or business because of differing approaches exempt organizations would take in applying such a test. It further stated that a facts and circumstances test would increase the administrative burden on the IRS which, upon examination, must perform the same fact-intensive analysis on each of the unrelated trades or businesses identified by the exempt organization.

In clarifying how an exempt organization should choose an NAICS 2-digit code, the IRS reiterated that the choice of the code must focus on the separate unrelated trade or business activity engaged in, and not the NAICS 2-digit code that describes the activities the conduct of which are substantially related to the exercise or performance of the organization’s exempt purpose or function. For example, a college or university exempt under Section 501(c)(3) cannot use the NAICS 2-digit code for educational services to identify all of its separate unrelated trades or businesses.

One area that the final regulations differed from the proposed regulations concerns the ability to change an NAICS 2-digit code once it has been selected and reported on Form 990-T. The proposed regulations generally provided that, once an organization has identified a separate unrelated trade or business using a particular NAICS 2-digit code, the organization cannot change the NAICS 2-digit code describing that separate unrelated trade or business unless two requirements are met. First, the exempt organization must show that the NAICS 2-digit code chosen was due to an unintentional error. Second, the exempt organization must show that another NAICS 2-digit code more accurately describes the unrelated trade or business. In response to numerous comments on this issue, the final regulations remove the restriction requirements for changing NAICS 2-digit code(s). Instead, the final regulations require an exempt organization that changes the identification of a separate unrelated trade or business to report the change in the taxable year of the change in accordance with forms and instructions. To report the change, the final regulations require an organization to provide certain information with respect to each separate unrelated trade or business the identification of which changes: (1) the identification of the separate unrelated trade or business in the previous taxable year, (2) the identification of the separate unrelated trade or business in the current taxable year, and (3) the reason for the change. The IRS anticipates that the instructions to the Form 990‑T will be revised to provide instructions regarding where and how changes in identification are reported.

Activities Deemed Separate Trades or Businesses

As provided under the proposed regulations, certain activities are treated as separate trades or businesses under the final regulations.

Investment Activities

The proposed regulations provided an exclusive list of an exempt organization’s investment activities that may be treated as a separate unrelated trade or business for purposes of section 512(a)(6). Under the proposed regulations, for most exempt organizations, such investment activities are limited to: (i) qualifying partnership interests; (ii) qualifying S corporation interests; and (iii) debt-financed properties. Although commenters recommended modifications to the rules regarding the individual items included in this list, no commenters objected to the treatment of these items as investment activities. The final regulations adopt this list of investment activities without change.

Similar to the proposed regulations, the final regulations permit the aggregation of qualifying partnership interests (QPIs) into one separate unrelated trade or business in order to reduce the administrative burden of obtaining information from the partnership regarding its underlying trade or business activities where its percentage interest level indicates that the exempt organization does not significantly participate in the partnership. QPIs are generally defined as partnership interests that meet one of two tests: (1) A de minimis test, which the exempt organization satisfies if it holds directly or indirectly no more than 2% of the profits interest and no more than 2% of the capital interest of the partnership; or (2) A participation test (formerly known as the “control test” under the proposed regulations), which the exempt organization satisfies if it holds directly or indirectly no more than 20% of the capital interest and does not “significantly participate in” (formerly “control”) the partnership.

As modified by the final regulations, an exempt organization significantly participates in a partnership if:

  • The exempt organization, by itself, may require the partnership to perform, or prevent the partnership from performing (other than through a unanimous voting requirement or through minority consent rights), any act that significantly affects the operations of the partnership;
  • Any of the exempt organization’s officers, directors, trustees, or employees have rights to participate in the management of the partnership at any time;
  • Any of the organization’s officers, directors, trustees, or employees have rights to conduct the partnership’s business at any time; or
  • The organization, by itself, has the power to appoint or remove any of the partnership’s officers or employees or a majority of directors.

Similar to the proposed regulations, the final regulations require the interests of certain supporting organizations and controlled entities to be combined with those of the of the exempt organization in determining whether the organization’s interest crosses the participation test’s 20% threshold. One difference, however, is that the final regulations do not require an organization to combine the interests of a Type III supporting organization unless that supporting organization is the organization’s parent.

In making the determination whether an exempt organization’s interest in a partnership meets one of the two tests to be a QPI, the final regulations follow the rule in the proposed regulations that an exempt organization’s percentage interest is determined by averaging the organization’s percentage interest at the beginning of the partnership’s tax year with its percentage interest at the end of that same partnership tax year. The final regulations, however, now provide a grace period when a change in an organization’s percentage interest is due entirely to the actions of other partners. The grace period permits a partnership interest that fails to meet the requirements of either test because of an increase in the current year’s percentage interest may be treated as meeting the requirements of the de minimis test or the participation test that it met in the prior year for the taxable year of the change if: (1) the partnership interest met the requirements of the de minimis test or the participation test in the organization’s prior taxable year without application of the grace period; (2) the increase in percentage interest is due to the actions of one or more partners other than the exempt organization; and (3) in the case where a partnership interest met the participation test in the prior taxable year, the interest of the partner or partners that caused the increase in the current year was not one that was combined with the exempt organization’s interest as described in the preceding paragraph in either the prior or current year.

With respect to qualifying S corporation interests (QSIs), the final regulations clarify that the exempt organization can rely on the Schedule K-1 (Form 1120-S) that it received from the S corporation if the form lists information sufficient to determine the organization’s percentage of stock ownership for the year. For example, a Schedule K-1 that reports “zero” as the organization’s percentage interest in the S corporation is not sufficient to determine the organization’s percentage of stock ownership for the year. The IRS is considering whether revision of Schedule K-1 is needed to provide the information necessary to determine whether an S corporation interest is a QSI.

With respect to debt-financed income, several commenters suggested that this income should be reportable using an NAICS 2-digit code instead of as an investment activity. The final regulations rejected this suggestion and adopted the proposed regulations treatment as a separate investment activity.

Finally, the transition rule included in both IRS Notice 2018-67 and the proposed regulations, which permitted an organization to treat any partnership interest acquired prior to Aug. 21, 2018 as a single trade or business activity, will lapse as of the first day of the organization’s taxable year following the issuance of final regulations. Despite receiving several comments asking the Treasury Department and the IRS to adopt the transition rule as a grandfather rule, it was not so adopted in the final regulations.

Payments from Controlled Entities

Similar to the proposed regulations, all “specified payments” (i.e., interest, rents, royalties and annuity payments per Code Sec. 512(b)(13)) received by a controlling tax-exempt organization from an entity it controls (i.e., more than 50 percent controlled by the organization) are treated as gross income from a separate unrelated trade or business. Moreover, if a controlling organization receives specified payments from two different controlled entities, the payments from each controlled entity would be treated as a separate unrelated trade or business.

Certain Amounts from Controlled Foreign Corporations (CFCs)

Similar to the proposed regulations, amounts included in UBTI under Section 512(b)(17) are treated as income derived from a single separate unrelated trade or business.

Other Items of Note

Allocation of Expenses – Pending the publication of further guidance in a separate notice of proposed rulemaking, the final regulations continue to provide that an exempt organization with more than one unrelated trade or business must allocate deductions between separate unrelated trades or businesses using the reasonable basis standard described in Treas. Reg. Section 1.512(a)-1(c).

Net Operating Losses (NOLs) – Under Section 512(a)(6), NOLs arising in a tax year beginning before Jan. 1, 2018 (“pre‑2018 NOLs”) may be taken against aggregate or total UBTI, while NOLs arising in a tax year beginning after Dec. 31, 2017 (“post‑2017 NOLs”) may only be taken against UBTI from the same trade or business from which the post-2017 NOL arose. The final regulations require an organization with both pre-2018 NOLs and post-2017 NOLs to first deduct its pre-2018 NOLs from its total UBTI before deducting any post-2017 NOLs from the UBTI of the separate trade or business that gave rise to the NOL. The final regulations further provide that if a trade or business is terminated, sold, exchanged or disposed of, any NOLs remaining after offsetting any gain on the sale or disposition are suspended. Suspended NOLs may only be used if the previous business is later resumed or if a new business using the same NAICS 2-digit code is commenced or acquired. For this purpose, a business is considered “terminated” if the appropriate identification of the business changes from one NAICS code to a different NAICS code.

Charitable Contributions – Under Section 512(b)(10), tax-exempt corporations can take charitable contribution deductions under Section 170 up to 10% of UBTI (tax-exempt trusts look to Section 512(b)(11) for its percentage limitations). The final regulations provide that in applying these percentage limitations, exempt organizations would use total UBTI computed pursuant to Section 512(a)(6) and would not allocate the charitable contribution deduction among silos.

Public Support Tests – The final regulations address the fact that the calculation of public support on Form 990, Schedule A could be negatively impacted by the treatment of UBTI under the new silo rules. To address this issue, the final regulations allow exempt organizations to calculate public support tests using either UBTI as computed under Section 512(a)(6) or UBI calculated in the aggregate, whichever is least administratively burdensome or provides the highest ratio for the organization.

Subpart F and Global Intangible Low-Taxed Income – Similar to the proposed regulations, the final regulations clarify that inclusions of Subpart F income under Section 951(a)(1)(A) and global intangible low-taxed income (GILTI) under Section 951A(a) are treated in the same manner as dividends for purposes of Section 512(b)(1).

The final regulations are applicable to tax years beginning on or after Dec. 2, 2020 (date of publication in the Federal Register). For virtually all exempt organizations this means their 2021 tax years. Organizations should consult with their tax advisors to ensure the identification of any and all of their separate unrelated trades or businesses, especially those organizations with significant investment activities.

This article originally appeared in BDO USA, LLP’s “Nonprofit Standard” newsletter (Spring 2021). Copyright © 2021 BDO USA, LLP. All rights reserved.