OMB Uniform Guidance Changes Going into Effect on 9/30 – What To Know

Summary

• The U.S. Department of Labor’s Office of Management and Budget (OMB) issued changes to its Uniform Guidance for Federal Awards, taking effect for fiscal years beginning on or after October 1, 2024. This new standard applies to non-federal entities closing their fiscal year-end books by September 30, 2025.
• Most significant change: the Single Audit threshold for non-federal entities was raised from $750,000 to $1,000,000 for fiscal years ending on or after September 30, 2025. The Type A program threshold increased accordingly.¹
• Procurement updates under Section 200.320²:
  • “Small purchases” were renamed to “simplified acquisitions.”
  • The micro-purchase threshold (MPT) was raised to $10,000, with self-certification allowed up to $50,000.
• Indirect cost changes under Section 200.414³:
  • De minimis indirect cost rate may be “up to 15%.”
  • Pass-through entities must accept federally negotiated indirect rates.
• Cybersecurity measures required under Section 200.303(e)⁴: No specific framework was provided, leaving the direction to federal agencies.

Single Audit Threshold Increase

The most significant change was the increase in the Uniform Guidance’s Single Audit threshold for non-federal entities, from $750,000 to $1,000,000, effective for fiscal years ending on or after September 30, 2025.

Background on prior threshold increases:

• 1984 – 1996: Threshold set to $100,000 based on grant revenue and not expenditures
• 1997 – 2003: Increased to $300,000, based on expenditures
• 2004 – 2014: Raised to $500,000
• 2015 – 2025: Increased to $750,000, in effect through fiscal years ending by September 30, 2025

Related update: The OMB raised the Type A program threshold from $750,000 to $1,000,000 starting in the same fiscal period.

Procurement Updates

Beyond the Single Audit threshold change, the most important Uniform Guidance changes are in Section 200.320, which covers procurement methods.

Key terminology has been updated. “Small purchases” are now referred to as “simplified acquisitions.” 

The MPT was increased from $3,500 to $10,000. But grant recipients can self-certify a higher threshold – up to $50,000 annually – if they include a justification, a clearly defined threshold, and documentation demonstrating that either (a) the auditee qualifies as low-risk under Section 200.520⁵ for the most recent audit, or (b) the auditee performs an annual internal institutional risk assessment to identify, mitigate and manage financial risks. MPTs over $50,000 must be approved by the cognizant agency for indirect costs.​

The Simplified Acquisition threshold (SAT), formerly the federal “Small Purchase Threshold” – rose from $150,000 to $250,000.​ For purchases between the MPT and the SAT (between $10,000 and $250,000), authorized government buyers must follow Simplified Acquisition Procedures (SAP) and reasonably consider available supplies and services. They must:​

• Define a scope of work and set evaluation criteria, if applicable​
• Give preference to small businesses​
• Seek price reduction​s
• Perform market research through one of the following methods:
  • Review GSA Advantage! for a minimum of three contractors
  • Review at least three contractor price lists in eLibrary
  • Request quotations from at least three GSA Schedule contractors

Contracts above the SAT (greater than $250,000) require posting a Request for Quote (RFQ) on GSA eBuy or sending them to as many contractors as practicable. Additionally, Subpart 13.5⁶ provides special acquisition authority for commercial supplies and services in amounts between the SAT and $7.5 million.​

Indirect Cost Changes

In Section 200.414, the OMB increased the de minimus indirect cost rate to “up to 15%.” The phrase “up to” clarifies that entities may not recover more than the actual indirect costs incurred.​ Additionally, the OMB clarified that pass-through entities must accept all federally negotiated indirect cost rates for subrecipients.​

Cybersecurity Measures

Revisions to Uniform Guidance added a new provision under Section 200.303(e), requiring recipients or subrecipients to “take reasonable cybersecurity and other measures to safeguard information including protected personally identifiable information (PII) and other types of information.” Although comments on the revision recommended defining a framework for these measures, the OMD chose not to adopt one at this time. It indicated that a government-wide framework may be considered in the future, but that federal agencies should provide more specific guidance at their own discretion now.

What’s Next?

Although not a complete list of all recent Uniform Guidance changes, this article provides grantees, subrecipients, accountants and legal professionals with information that is useful for reassessing compliance structure and more. Contact Sikich today to discuss audit planning, cybersecurity readiness, procurement procedures, documentation and risk assessments or indirect cost strategy.

1. Part 200. Code of Federal Regulations. https://www.ecfr.gov/current/title-2/subtitle-A/chapter-II/part-200
2. Section 200.320. Code of Federal Regulations. https://www.ecfr.gov/current/title-2/subtitle-A/chapter-II/part-200/subpart-D/subject-group-ECFR45ddd4419ad436d/section-200.320
3. Section 200.414. Code of Federal Regulations. https://www.ecfr.gov/current/title-2/subtitle-A/chapter-II/part-200/subpart-E/subject-group-ECFRd93f2a98b1f6455/section-200.414
4. Section 200.303. Code of Federal Regulations. https://www.ecfr.gov/current/title-2/subtitle-A/chapter-II/part-200/subpart-D/section-200.303
5. Section 200.520. Code of Federal Regulations. https://www.ecfr.gov/current/title-2/subtitle-A/chapter-II/part-200/subpart-F/subject-group-ECFRea73e47c9a286e6/section-200.520
6. Subpart 13.5. Code of Federal Regulations. https://www.ecfr.gov/current/title-48/chapter-1/subchapter-C/part-13#sp48.1.13.13_15