A Single Audit is a combined financial statement and federal compliance audit required when an organisation spends one million dollars or more in federal funds in a fiscal year, for fiscal years beginning on or after 1 October 2024. Unlike a regular financial statement audit, which tests only whether the accounts are accurate, a Single Audit also tests compliance with the rules attached to each federal program. It is authorised by the Single Audit Act and governed by OMB Uniform Guidance (2 CFR Part 200).
When is a single audit required?
A federal Single Audit is required only when an organisation spends one million dollars or more in federal funds in a single fiscal year. This threshold applies for fiscal years beginning on or after 1 October 2024, and the first audits under it are being filed for years ending 30 September 2025 and later. Below that line, no federal Single Audit is triggered.
Older awards complicate the picture. An award issued before October 2024 can still carry the prior seven hundred and fifty thousand dollar threshold, so an organisation holding a mix of older and newer awards should track them by issue date rather than assume the new line applies to everything.
The trigger is based on federal funds expended in the year, not funds received or budgeted. A Single Audit is also not the only audit that can apply, since individual funders may require an independent audit regardless of the federal figure. For how this sits within governance, fundraising and data obligations, see the nonprofit compliance guide.
How does a single audit differ from a financial statement audit?
A regular independent financial statement audit examines whether an organisation's financial statements are accurate and fairly presented. A Single Audit goes further, additionally testing compliance with the specific requirements attached to each federal program the organisation draws from, including the internal controls over those programs. An organisation can need one, both, or neither.
The practical difference matters more than the legal one. A Single Audit pulls the vendor, subrecipient and contract evidence trail into scope, because auditors test how federal funds were managed downstream, not only how they were recorded. This is the vendor and contract side that lean teams most often scramble to produce on demand, including subrecipient monitoring records, vetting evidence and contract obligations.
Worth being clear about scope: a Single Audit tests compliance with federal program rules, and Gatekeeper does not run audits or manage grants. Gatekeeper is a system of record that helps you evidence the vendor, subrecipient and contract side of that picture, not the audit itself. This is where ongoing third-party compliance monitoring comes in, with Gatekeeper's AI agents collecting, chasing and monitoring while your team keeps the decisions that need human judgement.
Related terms
.png)
.png)
.png)
-4.png)