chevron-down Created with Sketch Beta.


The Procurement Lawyer Winter 2024

Guidance for Contractors to Succeed Amongst Complexity of Federal Grant Programs

Nena M Lenz


  • All parties interested in obtaining federal contracts or grants must register with the System for Award Management (
  • The five fundamental themes of grant compliance include identifying and understanding all grant terms, conditions, and requirements and keeping detailed compliance records. 
  • Regulations will expand as the federal government wrestles with emerging cybersecurity threats.
  • Patterns and instances of noncompliance will become easier to discover and records will become harder to hide as federal software becomes more sophisticated. 
  • Federal grant applicants must ensure that all factual statements in grant applications are accurate and implement strong internal controls to safeguard against intentional or unintentional misstatements.
Guidance for Contractors to Succeed Amongst Complexity of Federal Grant Programs
Jan Pietruszka via Getty Images

Jump to:


Ten years ago, the federal government, through the Office of Management and Budget (OMB), overhauled federal grant regulations, consolidating them into “Uniform Guidance” that applies to all federal grants, ranging from federally assisted infrastructure projects to sponsored research to community investment initiatives. Before consolidation, federal grant regulations were agency-specific, often informal, and unevenly enforced.

For the past decade, members of the federal grants community have wrestled with the practical application of the Uniform Guidance. At the same time, grant compliance has become increasingly complex as Congress and the executive branch have packed the Uniform Guidance with provisions aimed to advance federal policy, while pressing agency Offices of Inspectors General (OIG) and the Department of Justice (DOJ) to crack down on fraud, waste, and abuse in federal grant programs.

Over the past few years, federal grant spending increased significantly as Congress poured money into expansive efforts to address public health needs during the COVID-19 pandemic, to stem the economic fallout from the pandemic, and to update aging infrastructure. As a result, trillions of federal grant dollars are flowing through thousands of grants managed by dozens of federal agencies. In the coming years, organizations with little or no prior experience with federal projects will participate in tens of thousands of grant-funded projects and find themselves subject to the robust Uniform Guidance.

This article aims to equip grantees and other participants in federal grants programs with the basic tools needed to succeed. After introducing readers to current trends in federal grants, this article offers practical guidance on grant compliance. Drawing from some unfortunate experiences highlighted in the press, this article identifies common compliance pitfalls and best practices to avoid them.

Trends in Federal Grants

Standardization and Digitalization of Grants

Standardization of federal grant requirements through the Uniform Guidance is one example of how the federal government has streamlined federal programs in the past decade. All parties interested in obtaining federal contracts or grants are now required to register with System for Award Management (referred to as is also now the central place to find information about federal contract and assistance opportunities; entities that are excluded from federal programs, such as through suspension and debarment; and wage determinations for contract and service contracts, among other things. The federal government has also centralized grants information on, which provides information about grant opportunities through more than a thousand federal grant programs and lets users apply for grants online. The website hosts extensive information about federal spending, including detailed information about all federal grants and certain subawards.

New Grant Requirements Advance Federal Policy and Address Emerging Threats

In recent years, OMB updated the Uniform Guidance to implement evolving congressional and executive branch priorities, such as evolving federal policy in favor of domestic sourcing preferences. In response to a 2017 Executive Order, the Uniform Guidance was amended in 2020 to incorporate a toothless domestic preference requirement for procurements under federal grants. Then, in response to the Build America, Buy America (BABA) Act that was included in the Infrastructure Investment and Jobs Act of 2021 (IIJA), OMB adopted aggressive and prescriptive new regulations in 2023 that mandate Buy America preferences for all infrastructure projects receiving federal financial assistance.

Regulations will expand as the federal government wrestles with emerging cybersecurity threats. While the Uniform Guidance does not include provisions to address cybersecurity risks, this is likely to change as the federal government standardizes cybersecurity measures across agencies. For instance, in September 2022, the National Institutes of Health (NIH) OIG released a report deriding the lack of internal controls in place to ensure cybersecurity of grant information and recommending changes.

Expansive Transparency and Disclosure Requirements Aim to Expose Noncompliance

As demonstrated through and, the government has increased its investment in and reliance on software for data management, including collection, storage, and analysis. Over the past decade, Congress and the executive branch have expanded reporting requirements for awarding agencies and grantees and transitioned to online submission of grant applications and reports. In turn, it has become increasingly difficult for grantees to implement effective internal controls to review the accuracy of certifications before they are uploaded because employees are comfortable clicking through online forms without much thought as to the consequence of each click.

As federal software gets more sophisticated, patterns and instances of noncompliance will become easier to discover, and records of noncompliance, including false certifications, will become harder to hide. Agencies are already using data analytics to automate oversight. In 2021, a report by the Council of the Inspectors General on Integrity and Efficiency (CIGIE Report) discussed how grant-making agencies are using “automated techniques to monitor agency-award systems and external data to oversee grant lifecycles.” The CIGIE Report described how inspectors general are using “data analytics to identify anomalous activities and changes in activity over time” to identify red flags and decide which grantees to audit or investigate. The CIGIE Report further touted the Small Business Administration (SBA) OIG’s recent success using data analytics to identify nearly $2 billion in financial assistance abuses, noting the important role of data analytics to identify fraud, waste, and abuse of pandemic response funding.

Complaints About Compliance Burdens Inspired Efforts to Reduce Complexity

The foregoing trends have led to overwhelming administrative burdens and significant frustration throughout the grants community. OMB recently proposed revisions to the Uniform Guidance that aim to reduce complexity in the grant process by removing certain approval requirements, simplifying compliance, and removing barriers to entry by reducing administrative costs. Public comments were due in December 2023, but the release date for the final rule had not been announced as of the date of this publication.

Agencies Face Increased Pressure to Monitor Grants and Control Costs

While federal grantees struggle to understand and comply with the Uniform Guidance, Congress may be getting impatient. The Government Accountability Office (GAO) oversees federal granting agencies through audits, reports, and analyses of federal grant law and agency compliance with those laws. In the last six months of 2023 alone, GAO issued two reports criticizing various agencies for failure to comply with grant rules and discussing how those agencies agreed to increase their internal controls to ensure grantee compliance. In addition, OIGs within granting agencies are churning out audit and investigative reports chronicling agency oversight failure. As of January 2024, nearly 28,000 reports were publicly available on

Grant-Related Enforcement Actions Are on the Rise

While GAO offers gentle encouragement to wayward granting agencies, agency OIGs and the DOJ are policing grantee performance with increasing coordination and fervor. Federal grant fraud usually involves one of the following types of violations of federal law: embezzlement, theft or bribery concerning programs receiving federal funds, false statements, false claims, and mail fraud and wire fraud. Enforcement of grant fraud is most often accomplished through the Civil False Claims Act (FCA), which was designed to fight civil fraud against the government, and uses treble damages to punish contractors, grantees, and others who present false claims for payment to the government.

The Magnitude of FCA Damages and Penalties for Federal Grand Fund

When the federal government makes grant payments, it does so in reliance on a grantee’s representations of compliance with applicable grant terms and conditions. When those representations are false because the grantee is not in material compliance with grant requirements, the government may have relied on a false statement to pay a false claim, which could give rise to liability under the FCA. FCA lawsuits can be initiated by whistleblowers (also referred to as “qui tam relators”) or by federal agencies, although whistleblower lawsuits are the most common. Whistleblowers who bring FCA claims typically receive between 15 and 30 percent of the ultimate recovery.

The FCA “imposes significant penalties on those who defraud the Government” and is the government’s primary tool to recover grant funds lost due to fraud. In 2012, the Second Circuit of the US Court of Appeals held that when a grantee uses a false claim to get federal funding, the government entirely loses the opportunity to award the money to a recipient that would have used the funds as the government intended. As a result, the appropriate measure of actual damages for false claims in grant applications, proposals, and submissions for payment is the full amount of grant payments made by the government after material false statements were made. Grantees found liable for FCA violations are subject to treble damages, meaning that the damage amount for false claims involving government grants would likely be triple the entire value of the grant. In addition, the FCA includes penalties ranging from $13,508 to $27,018 per violation, and a violation occurs each time a claim (e.g.,an invoice) is submitted.

The federal government recovered more than $2.2 billion in settlements and judgments from civil cases involving fraud and false claims against the government during federal fiscal year 2022. Although this was the lowest gross total since 2008, a total of 351 cases were settled in 2022, which was the second-highest annual total in history. The number of new suits filed by the federal government and relators in 2022 set a record high of 948. The bulk of FCA recoveries—$1.7 billion—involved the health care industry. Of the $2.2 billion recovered in 2022, over $1.9 billion arose from whistleblowers, who received $488 million from resolved cases.

FCA Risks Faced by Grantees

In the context of federal grants, the definition of “fraud” encompasses far more than deliberate, deceitful actions like stealing and cheating. Grant recipients and their contractors do not need to specifically intend to defraud the government in order to be liable for making false claims. Rather, to establish FCA liability, the federal government must show the entity receiving federal funds “knowingly presents, or causes to be presented, a false or fraudulent claim for payment or approval.” Grantees can also violate the FCA by recklessly disregarding or deliberately ignoring the truth or falsity of information provided to the government.

In 2023, the US Supreme Court held that “knowledge” under the FCA depends on what the defendant actually knew and believed at the time of the alleged false claim. The Court found that “either actual knowledge, deliberate ignorance, or recklessness will suffice” to satisfy the “knowingly” element. By defining “reckless disregard” as being “conscious of a substantial and unjustifiable risk” that claims are false but submitting them anyway, the Court seems to have expanded knowledge to include erroneous, but reasonable, judgment calls when faced with ambiguous legal requirements.

When anyone receiving federal grant funds makes representations that omit acknowledgment of violations of statutory, regulatory, or contractual requirements, those omissions can be a basis for liability if they render a defendant’s representations misleading. To qualify as a false claim, the implied certifications of compliance do not need to be “expressly designated as conditions of payment,” but they do have to be material to the government’s decision to pay the claim.

Criminal Prosecutions Are on the Rise, Too

In close coordination with FCA lawsuits and investigations, the federal government has stepped up its efforts to ferret out and prosecute individuals for criminal grant fraud, as well. Prompted by congressional outrage over blatant criminal activities involving COVID-19 fraud, federal prosecutors and OIGs have ramped up coordinated efforts to prosecute criminal fraud abusing emergency assistance and other grant programs.

In one shocking example, since 2022, the DOJ has filed federal criminal charges, including conspiracy, wire fraud, money laundering, and bribery, against 60 defendants for participating in a single $250 million fraud scheme to exploit a child nutrition program during the COVID-19 pandemic. Sixteen of those defendants have already pleaded guilty. Minnesota Department of Education (MDE) received funding from the US Department of Agriculture (USDA) Federal Child Nutrition Program to provide free meals to children in need. Meals served by the program were provided at “sites” that were sponsored by an MDE-approved sponsoring organization. During the COVID-19 pandemic, the USDA allowed for-profit restaurants to sponsor meal sites and also for meal sites to be located outside of schools. At the center of the fraud was a nonprofit organization, Feeding Our Future (FOF), which allegedly sponsored 250 fraudulent meal sites throughout the state of Minnesota and then fraudulently obtained and disbursed $240 million in program funds to the operators of those sites knowing they were fraudulent. The government alleges that the defendants created shell companies to function as meal sites, falsified documentation of children served at the sites, and then used the proceeds to purchase luxury vehicles, residential and commercial real estate, and international travel. FOF went from receiving and disbursing approximately $3.4 million in federal funds in 2019 to nearly $200 million in 2021. During that time, FOF allegedly “received more than $18 million in administrative fees to which it was not entitled,” and its “employees solicited and received bribes and kickbacks from the individuals and companies” sponsoring the fraudulent sites.

In another example, in July 2016, a federal judge sentenced the former chief executive officer of two Alabama nonprofit health clinics to 18 years in prison and ordered him to pay $13.5 million in restitution for funneling federal grant money to private companies that he formed to contract with the clinics. The criminal actions of the CEO had significant collateral effects, causing one nonprofit to close its doors, driving the other nonprofit to the brink of bankruptcy, causing employees of both nonprofits to lose their jobs, and precipitating the collapse of a credit union.

Awarding Agencies Face Increased Pressure to Ramp up Administrative Sanctions, Including Suspension and Debarment, Due to Improper Use of Grant Funds

OIGs employ auditors and evaluators to “ensure that grantees comply with Federal regulations and grant terms, evaluate associated risks with the grants and grant recipients, identify questioned costs and internal control deficiencies, and make recommendations to grant recipients and Government agencies for improvement.” When OIGs find noncompliance, they often work with grantees to resolve issues administratively, such as through cost disallowance.

One tool available to agencies to combat grantee noncompliance is the option to incorporate special conditions in funding agreements, such as a requirement to seek reimbursement, in lieu of advance payments. When grantee noncompliance does not resolve after imposing special conditions, an awarding agency may temporarily or permanently withhold further grant payments, disallow costs (including cost-share credit), fully or partially suspend or terminate the grant award, or suspend or debar the grantee.

Debarment and suspension are severe penalties that can have dire consequences for a grantee. Suspension is a temporary status of ineligibility, pending completion of an investigation or legal proceeding, whereas debarment is a final determination of ineligibility for a set period of time, generally not more than three years. Federal grant regulations include uniform regulations for government-wide debarment and suspension. An organization that is suspended or debarred from obtaining federal grants is also ineligible to obtain federal prime contracts and lower-tier subcontracts and grants. Moreover, many state and local entities and other organizations that rely on nonfederal public funding will preclude federally debarred or suspended organizations from participating in their own state or local contracts and grant programs. In fact, many nonfederal grant applications ask whether the applicant has been suspended or debarred in the past five years. An affirmative answer to that question usually disqualifies the applicant.

Grant Compliance Fundamentals

The fundamental themes of grant compliance are fairly straightforward: (a) identify and understand all grant terms and conditions so that you know what is required of you; (b) ensure your organization adopts the appropriate internal controls to satisfy those requirements, and the use those controls to comply; (c) keep detailed records of compliance; (d) make sure all certifications are accurate; and (e) work with government staff to answer questions and resolve problems as they arise.

Identify and Understand All Grant Terms and Conditions (Particularly Those That Differ from the Uniform Guidance)

The terms and conditions of federal grants are dense, particularly those terms incorporated by reference to federal regulations that are often over-layered with state and local terms and conditions. Dense as they may be, it is imperative that individuals invest the time and resources necessary to understand and comply with all applicable grant terms and conditions.

Before even submitting a proposal for federal grant funding, it is a best practice to gather and analyze all available documents governing grantees. To do this, review the agency solicitation document carefully to identify all references to regulations and other documents and review the full text of those documents. Common types of documents comprising a federal award include agency- and award-specific terms and conditions and program-specific laws and regulations. Repeat the process of gathering documents incorporated by reference until you have a complete suite of the relevant grant documentation. Read through these materials and evaluate which provisions apply to your particular organization and award, ensuring your organization can comply with those terms.

After receiving notification of award, supplement your compilation of grant documents and list of compliance obligations, as necessary. Although this is a tedious process, an effective compliance program is tailored to the actual requirements, and those can vary from grant to grant.

The federal government knows how onerous grant compliance is for recipients, particularly when agencies layer additional policies and conditions on top of the Uniform Guidance. For example, in June 2016, GAO decried the administrative workload and costs imposed on recipients of federal research grants awarded by NASA, the NIH, the National Science Foundation (NSF), and the US Department of Energy (DOE), recommending that each agency work to streamline administrative procedures to reduce those burdens. OMB’s latest proposed overhaul of the Uniform Guidance aims to “materially decrease the burden” of grantees, but history teaches that such efforts often have minimal impact, with successful grantees learning to thrive within regulatory and compliance complexity.

At nearly 100,000 words, the Uniform Guidance is a formidable document for even the most seasoned grant professional. It lays out detailed rules for nearly all aspects of federal grants, including uniform administrative requirements, cost principles, and audit requirements. OMB adopts the Uniform Guidance as model grant regulations for all agencies, but each federal agency must adopt their own grant regulations through rulemaking. As a result, each agency has its own grant regulations, and although they generally track the Uniform Guidance, they are not always identical. Agencies have limited discretion to deviate from the Uniform Guidance, with prior approval from OMB. Several agencies adopted the Uniform Guidance verbatim as their grant regulations. Most agency deviations are narrow and easy to identify, but other deviations are less obvious. For instance, the US Department of Health and Human Services (HHS) copied the entire Uniform Guidance into its own regulations and then altered portions of the text, making it difficult to identify the differences.

In addition to regulatory requirements, grants often incorporate agency-specific policies. For example, all NIH grants are subject to the NIH Grants Policy Statement, which defines the policy requirements that serve as terms and conditions of NIH grant awards. The NIH Grants Policy Statement is incorporated by reference into all NIH grants and frequently updated. NIH grantees must also review the agency website for additional terms and conditions for specific grant programs.

Adopt Effective Internal Controls

Basic Explanation of Internal Controls

Internal controls are company procedures designed to ensure effective and efficient operations, reliable reporting for internal and external use, and compliance with laws and regulations. Grantees must adopt internal controls that provide reasonable assurance that award funds are being managed in compliance with federal statutes, regulations, and grant terms and conditions. The Uniform Guidance allows grantees flexibility to tailor their internal controls. At the very minimum, in its system of internal controls, a grantee should adopt written policies and procedures; train employees in all roles; conduct periodic internal audits; identify noncompliance, and correct it; and then revise policies and re-train employees. Internal controls should create a culture of compliance.

Good Internal Controls Can Help Protect Organizations from Employees’ Bad Actions

The purpose of internal controls is to provide “reasonable assurance” that the organization is and will remain in compliance with federal grant requirements. There is no way to completely eliminate the risk that individual employees will make bad choices that expose the organization to grant-related liability. Internal controls aim to help the organization identify, stop, and correct the bad actions of rogue individuals. A strong record of effective internal controls can help defend the organization in the face of material noncompliance by individual employees.

A single bad actor can drag an entire institution into protracted litigation and government investigation For example, Duke University recently resolved a whistleblower lawsuit from an employee who alleged that the University and its professors used false data to fraudulently obtain federal research grants from NIH and the Environmental Protection Agency (EPA). The whistleblower alleged Duke ignored warning signs and tried to cover up the fraud. After conducting an internal investigation, Duke confirmed that a former lab tech did falsify or fabricate data that went into 29 medical research reports. In 2019, Duke agreed to pay the US government $112.5 million to resolve the allegations. The whistleblower received $33.75 million from the settlement.

Even when an organization effectively distances itself from the fraudulent actions of its employees, the organization may still face significant liability in the form of penalties for contract breach, damage to goodwill, protracted legal expenses, and even suspension or debarment. For instance, in 2005, Harvard University agreed to pay $26.5 million to the US government to settle a five-year-old lawsuit that implicated two University employees for self-dealing. Although Harvard itself was cleared of the fraud allegations, it still faced damages for breaching its contract with the US Agency for International Development (USAID). In April 2017, Partners HealthCare System and Brigham and Women’s Hospital, a Harvard Medical School teaching hospital, agreed to pay $10 million to settle allegations of research fraud, including allegations that researchers fabricated information, including cardiac stem cell research data and images, and used those data in applications for NIH funding.

What to Do in Times of Crisis—the True Test of Internal Controls

An important part of effective internal controls is a crisis mitigation plan that addresses what the organization will do when someone learns of noncompliance. What an organization does after learning about noncompliance can make a critical difference to enforcement agencies. Grantees should adopt clear written policies to guide the organization through compliance crises, including clear reporting avenues and internal investigation protocols. Self-reporting may not spare the organization from paying damages and even penalties, but it can operate as an important mitigation factor in reducing the amount paid.

The Uniform Guidance requires grantees to make timely written disclosures of “all violations of Federal criminal law involving fraud, bribery, or gratuity violations potentially affecting the Federal award.” Entities with awards in excess of $10 million must also report certain civil, criminal, or administrative proceedings as well. As a practical matter, it can be difficult to determine when facts amount to “violations” of law. Recognizing this, the October 2023 proposed rule adopts the “credible evidence” standard seen in other mandatory disclosure requirements, such as the Federal Acquisition Regulation (FAR). Failure to make disclosures when they are “mandatory” exposes grantees and individuals to significant civil, and even criminal, risk.

Consider the experience of the University of North Texas (UNT). After discovering wide-ranging noncompliance by the UNT Health Science Center under NIH-sponsored research grants between January 2011 and February 2016, UNT self-disclosed those errors to the federal government. In February 2018, UNT agreed to pay $13 million to settle the resulting FCA claims. If self-disclosure led to a $13 million settlement, imagine how high that number could have been if a whistleblower had disclosed the errors to the government instead of the grantee, UNT.

Keep Detailed, Contemporaneous, and Accurate Records in Auditable Format

The Uniform Guidance does not require grantees to provide invoices or billing details to support how they spent grant funds. Instead, the Uniform Guidance merely requires grantees to submit proposed budgets during the application process followed by statements of expenditures, referred to as federal financial reports (FFR), required (at the most) quarterly and at grant closeout. Without requirements to submit detailed financial reports, grantees often underestimate the scale and importance of their recordkeeping obligations. A fundamental part of grant compliance is “showing your work” because, when audited, grantees have the burden to demonstrate all costs charged under a grant are proper.

Records should be contemporaneous and include source documentation. Organizations should consider documenting their decisions, particularly decisions that involve judgment calls, and detail their process and rationale. All grant-related records should be kept in an auditable format in accordance with recordkeeping requirements.

Failure to maintain proper documentation is a common pitfall that can compound noncompliance risks, frustrate auditors, and even entice employees to falsify records or make false statements in hopes of stemming the damage. Faced with mounting pressure from government investigators, employees at Jackson State University (JSU) allegedly overcame their lack of documentation by falsifying time and effort reports, and then providing those falsified reports to investigators. Ultimately, in February 2017, JSU settled an FCA lawsuit by agreeing to pay $1.17 million for mismanagement of NSF grant funds.

After a grant audit revealed improper use of federal grant money, the New York–based Institute for Cancer Prevention settled FCA allegations for $2.3 million, repaid misspent grant funds of $5 million, and agreed to implement necessary procedures to prevent further fund misuse. Despite the Institute’s agreement to settle the claims in 2006, the Institute’s former CFO doubled down on his efforts to “conceal the improper requests for grant funds.” In 2008, the former CFO pled guilty to obstruction of justice for repeatedly lying to federal agents about the false statements made by the Institute.

Ensure All Certifications Are Accurate

Every time a grantee submits an FFR or vouchers requesting payment from the federal government, the grantee must make the following certification, signed by an official with the legal authority to bind the grantee:

By signing this report, I certify to the best of my knowledge and belief that the report is true, complete, and accurate, and the expenditures, disbursements and cash receipts are for the purposes and objectives set forth in the terms and conditions of the Federal award. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil or administrative penalties for fraud, false statements, false claims or otherwise. (U.S. Code Title 18, Section 1001 and Title 31, Sections 3729–3730 and 3801–3812).

Therefore, it is important to check those submissions for accuracy. Grantees (as well as other subrecipients and organizations) must ensure their internal controls adequately manage the claim certification process, including who is certifying on behalf of the organization, what they are certifying, whether they are in a position to verify the accuracy of certifications, and whether they have been actually making and documenting those verifications.

Although it is difficult, it is imperative that grantees ensure the representations and certifications of their subrecipients and contractors are accurate before passing them along to the federal government. In December 2014, the Maricopa County Community College District (MCCCD), the entity responsible for operating community colleges in Maricopa County, Arizona, agreed to pay over $4 million to resolve allegations that it submitted false claims concerning AmeriCorps state and national grants. Prompted by a whistleblower lawsuit filed by an MCCCD employee, the DOJ alleged MCCCD improperly certified that students met service-hour requirements so that they would earn education award funds from the Corporation for National and Community Service. The whistleblower’s share of the settlement was over $775,000.

Establish and Maintain an Open Line of Communication with Federal Grant Staff

Grantees benefit from establishing and maintaining open lines of communication with the federal staff administering the grants. After all, grantee staff and grant officers have the same mandate and goal: accomplish the grant objectives in full compliance with the applicable terms and conditions.

When in doubt, ask questions. Understand the roles and responsibilities of the federal employees you deal with and, importantly, the limits of their authority to act for the government. Each grant should clearly identify the agency staff, such as grants management officers and grants program officers, that have authority over various aspects of the grant.

Certain lines of inquiry are best exchanged in writing, while other topics are best broached by phone. During informal conversations, you are likely to learn much more about the actual expectations and mechanics of grant compliance. Starting with an informal conversation is usually the best course of action. And it can be particularly valuable to get approval from the grant officer on difficult compliance decisions.

Once you receive the insight or clarity that you need from the grant officer, it is best to get that guidance in writing before relying on it. Consider summarizing the advice as you understand it and then sending that summary to a grant officer with a simple yes/no question: “Is this accurate?” Prepare your own contemporaneous notes of all discussions, particularly if the grants officer will not put anything in writing. Having a record of diligent efforts to comply can help mitigate future FCA risk.

Do Not Learn the Hard Way—Heed the Lessons Learned by Other Grantees and Organizations

The overarching principles of compliance introduced in the previous section may seem obvious, even simple. Their complexity becomes apparent when organizations attempt to implement those best practices in the context of specific requirements. Federal grant recipients can learn about the risks of noncompliance through the unfortunate experiences of other organizations.

Get Your Facts Right in Grant Applications and Proposals

Federal grant applicants must ensure that all factual statements made in grant applications are accurate, especially any fact that will impact funding decisions and award calculations. Strong internal controls are essential to safeguard against intentional or inadvertent misstatements.

Consider the recent experience of Stanford University, which agreed in 2023 to pay $1.9 million to resolve allegations that it violated the FCA by submitting research grant applications that failed to disclose current and pending foreign support that 12 faculty members expected to receive in direct support of their federally funded research. The government alleged that Stanford submitted 16 research proposals to five federal agencies that contained incomplete and inaccurate disclosures that put sensitive research by the US military at risk of disclosure to foreign interests. Stanford lacked the internal controls necessary to ensure that faculty pursuing research grants complied with this essential disclosure requirement. As stated by the DOJ, federal agencies “rely on grant recipients to accurately track the commitments of their personnel and fully disclose all funding sources” and, as demonstrated in this case, they will hold grantees responsible for employee errors.

In late 2023, a company that owned and operated Denny’s restaurants throughout Arizona and New York was required to pay $2 million for falsely certifying eligibility for a Restaurant Revitalization Fund grant through SBA (established in 2021 as part of the American Rescue Plan Act). In the grant application, the owner falsely certified eligibility by checking a box on a form confirming the company and affiliates did not own more than 20 locations. The suit was initiated by a relator, who received $200,000 of the settlement. The owner could have intentionally misrepresented the number of restaurants he owned, or he could have misunderstood the manner of calculation or been reckless and rushed through the form without careful review. Regardless of the reason, false certifications in applications for federal grants expose grantees and their principals to significant liability.

In 2015, a nonprofit children’s hospital agreed to pay $12.9 million to settle allegations of a variety of FCA violations, including that the hospital misreported its available bed count on its application for an HHS grant to fund graduate medical education programs to train its pediatric residents. The investigation was prompted by a former hospital employee, who received nearly $2 million from the settlement. Based on available information, it is unclear whether the hospital’s miscalculation was intentional or inadvertent, but in either event the error resulted in significant, unnecessary expense and reputational harm to the hospital.

Another type of certification that grantees often overlook is the obligation to disclose conflicts of interest. Failure to disclose conflicts of interest when required by grant program rules can lead to FCA allegations that the omission resulted in the federal government approving funding that it would not otherwise have approved.

Propose What You Intend to Do and Tell the Agency If Plans Change

In funding applications, grantees submit detailed work plans that are material to agency award decisions. In exchange for specific efforts to achieve a public purpose, the agency agrees to reimburse grantee costs.

Adherence to the grant work plan is a material compliance obligation, so it is imperative that grantees are honest and realistic in their work plan proposals. For instance, in research proposals, applicants must be honest when stating the amount of time that researchers will devote to the project, and proposed levels of effort are material criteria in grant evaluation. Inflated estimates of the percentage of time that researchers plan to devote to a project are misleading statements that can result in FCA exposure. In 2004, Johns Hopkins Bayview Medical Center agreed to pay $2.6 million to resolve FCA allegations, including that the medical center knowingly overstated the percentage of effort that the researchers were able to devote to medical research grants. The whistleblower, an employee at the medical center, received 17 percent of the settlement.

Grant terms detail which deviations require approval from or notice to a funder, and internal controls are essential to identify deviations from approved grant work plans, as illustrated by Cornell University’s unfortunate experience. In 2012, the US Court of Appeals for the Second Circuit upheld a judgment against Cornell University Medical College for misstatements in its original and renewal applications for an NIH research training grant. Cornell failed to use the grant funds as described in its funding proposal and required under the grant terms, and then neglected to tell the NIH about the changes. Cornell failed to inform NIH about changes in key personnel and failed to inform NIH that, contrary to the content of its proposal, research fellows were never evaluated by a training committee, had limited access to patients, and were conducting unrelated research. The court held that false statements in grant applications were material to the funding decisions, making them false claims.

Once a grant application has been submitted and an award letter received, the attention to detail tends to decline—at great risk to the grantee. In Cornell’s grant, as in most grant agreements, the grantee was required to “immediately notify” NIH of “developments that have a significant impact” on the research program.

Pay Attention to the Statements and Certifications Made in Grant Renewal Paperwork

Although applications for original grant awards generally require extensive proposals and competitive reviews, renewal applications for continued funding are awarded on a noncompetitive basis in response to progress reports and involve simple forms. As a result, it can be tempting for grantees to pursue and receive follow-on funding without much thought as to the significance of the statements contained in the new award documents. As illustrated by the Cornell case, discussed above, verifying the accuracy of statements in submissions for follow-on funding is just as important as verifying the accuracy of original grant proposals.

Cornell’s application for the research training grant was 123 pages long, outlining the proposed training program in great detail. Preparing a proposal of that length and complexity requires considerable time and attention from the would-be principal investigator and their support team. Under the terms of the grant, Cornell was required to submit annual renewal applications and progress reports detailing the status of the project, including a comparison of actual accomplishments with the goals and objectives for the period. In each renewal application, Cornell certified that there were no material alterations to the program as described in the original application, when, in fact, actual performance diverged significantly from the original grant proposal. The court held that false statements in the renewal application were material to the funding decisions, resulting in false claims.

Spend Grant Funds on Allowable, Allocable, Necessary Expenses That Comply with Grant-Specific Requirements

Grantees must spend grant funds in strict accordance with the Cost Principles in the Uniform Guidance. At a high level, in order to be charged to a grant, costs must (1) be necessary and reasonable for performance of the grant, (2) be allocable to the grant, (3) be allowable, (4) be consistent with federal policy, (5) be accorded consistent treatment, (6) be determined in accordance with generally accepted accounting principles (GAAP), (7) not be paid for by another federal grant program, (8) be adequately documented, and (9) be incurred during the approved budget period.

In addition, it is essential that grantees spend grant funds only for the purposes and activities detailed in their grant award. Federal courts have concluded when a grantee spends federal funds for activities that were not approved by the grant award, the grantee is making false claims to the government and is therefore liable under the FCA. Federal courts have measured government damages for misuse of grant funds as equal to the entire amount of the award, concluding that the government entirely lost the opportunity to award the money to a recipient that would have used the funds as the government intended. Rice University learned this lesson the hard way in 2020.

In April 2020, Rice University paid $3.7 million to resolve claims it engaged in a pattern and practice of improperly charging NSF research and development grants for unallowable costs and falsely certifying in grant applications and pay requests that it was complying with terms and conditions. Rice allegedly budgeted for graduate student stipends in its research grant proposals but then used a portion of the money to pay graduate students to perform teaching duties unrelated to the NSF awards. Because the teaching costs were unrelated to the grant, they were neither allocable nor allowable under applicable grant regulations. The $3.7 million payment was double the loss to the government for the original grants.

In an astonishing example of a grantee spending federal funds in violation of grant requirements, the City of Los Angeles and its local redevelopment agency allegedly took millions of dollars in HUD grants to build housing for persons with disabilities but spent the money to build housing that was not accessible. HUD OIG announced that the redevelopment agency paid $3.1 million to resolve the FCA allegations in 2020, and the DOJ continues to “litigate additional allegations that the City of Los Angeles covered up its failure to comply with federal laws.”

When grantees combine funding streams to accomplish projects, adherence to cost requirements gets even more complicated and fraught with risk as multiple agencies act as watchdogs, as Florida’s Technological Research and Development Authority (TRDA) and the Melbourne Airport Authority (MAA) learned in 2012. To settle allegations that they improperly combined funds from more than one federal agency to construct an office building incubator facility at the airport, which was expressly prohibited by the terms of their Economic Development Administration (EDA) grant, TRDA and MAA agreed to pay $15 million and $4 million, respectively. TRDA also settled allegations that construction of the office building was outside the scope of its NASA grants.

Identify Unallowable Costs and Do Not Charge Them to Federal Grants

Grantees may only charge the government for “allowable costs.” The Uniform Guidance discusses the allowability of 75 types of costs commonly incurred by grantees, noting, for example, that the costs of alcoholic beverages and goods or services for personal use are always unallowable, and prescribing detailed restrictions on the allowability of contingency reserves, entertainment, professional service costs, and personnel costs. Of particular relevance to the legal community, attorneys providing legal services to grantees and subrecipients should carefully study the restrictions allowability of legal fees. Additional rules about allowability apply to specific grant programs.

Effective internal controls must ensure that all expenses charged under federal grants are allowable because charging unallowable costs to a grant exposes grantees to significant liability. Consider the experience of Northwestern University (NU). A whistleblower claimed that a researcher at NU charged personal expenses as business expenses to federal cancer research grants, including the costs of family trips, meals, and hotels for himself and his friends and for consulting fees for unqualified friends and family members. As a result, the government alleged that NU “allowed” the researcher to submit those false claims, leading NU to pay $3 million to settle the FCA lawsuit. Nearly $500,000 was paid to the whistleblower.

While multimillion-dollar settlements are not catastrophic to large grantees like NU, they can bankrupt smaller entities, like the New York–based Institute for Cancer Prevention (ICP). In the face of FCA allegations that the ICP drew down $5 million of federal grant money to pay bills ineligible for reimbursement in 2002 and 2003, and from 1991 to 1994, ICP settled with the government for $6.3 million and filed for bankruptcy in 2004.

Ensure All Costs Are Allocated to the Appropriate Grant

A fundamental cost principle for federal grants is that all charges must be allocated to the appropriate grant. Proper allocation can be challenging for large organizations, such as institutions of higher education, which must account for hundreds of grants each year. Strong internal controls help ensure that all expenditures are allocated to the correct grant, which is essential, because improper allocation of expenses to the wrong grant creates significant FCA exposure.

It can be tempting for organizations to transfer costs from overspent grants to underspent grants, but such transfers could lead to FCA liability. In 2005, the Mayo Foundation faced FCA allegations that it charged grants for unrelated research and transferred research costs from overspent to underspent grants. The government alleged that Mayo’s accounting system was unable to monitor and manage charges made to federal grant awards as required under federal law. Mayo agreed to pay $6.5 million to resolve the allegations, of which the whistleblower, a former accounting associate for Mayo, received $1.3 million.

It can be tempting to spend down grants near expiration dates, but grantees do so at their peril. In a 2008 investigation of Yale University, allegations included that researchers “spent down” remaining grant funds near expiration dates via improper cost transfers. Yale University faced allegations that it submitted time and effort reports charging 100 percent researcher time to federal grants when the employees were actually engaged in unrelated work. Of the $7.6 million paid as settlement, half was for actual damages, the other half for penalties.

Do Not Double-Bill

Grantees should not bill the government twice for the same costs. As simple as this requirement may sound, the more grants an organization manages, the harder it can be to guard against double-billing. Nonetheless, it is imperative that grantees managing numerous grants adopt effective internal controls to prevent double-billing or risk enforcement actions because this is an area of focus for agency watchdogs. For instance, in 2021, GAO warned HUD to be vigilant of applicants “double dipping” by applying for federal assistance without disclosing assistance received from other sources, and also of risks that contractors and vendors performing work on disaster recovery projects will double-bill.

Research grants are another area in which grantees can be tempted to maximize federal funding by tapping multiple grant programs for the same work. In 2019, a small business recipient of seven different contracts and grants awarded through the federal Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) programs and its CEO agreed to pay $2.75 million to settle FCA allegations that they sought and received research funding from five different agencies for equivalent work, falsely certifying that the work was not duplicative. Employees were directed to falsely complete timesheets for direct labor they did not perform and to submit false invoices to the funding agencies.

Lax internal controls in large institutions can also lead to double-billing by staff, leading to FCA exposure. After a research compliance officer and academic physician blew the whistle, the University of Alabama at Birmingham (UAB) agreed to pay the government $3.39 million to settle FCA allegations, including that UAB double-billed Medicare and NIH for the same research costs.

Do Not Commingle Grant Funds

Grant recipients must maintain separate records for each grant, and, therefore, should not commingle grant funds. A grantee commingles funds when grant funds are deposited to an account that also contains other federal or nonfederal funds and the grantee fails to maintain the internal controls needed to separately track the funds for that grant. Because grant funds cannot be traced to determine how they are spent, there is no way to determine if the commingled grant funds were expended on allowable costs.

Organizations that commingle grant funds risk having all grant expenditures disallowed. After following a tip received through a fraud hotline, the USDA OIG found that the nonprofit Nevada Fire Safe Council (NFSC) improperly comingled $2.7 million in federal grants with other organization funds. Because expenditures charged to the Forest Service grants lacked proper support, the OIG determined that all grant expenses were unallowable and instructed the Forest Service to recover the full amount from NFSC. As a result, NFSC filed for bankruptcy.

Commingled grant funds can also give rise to FCA liability. In January 2016, DOJ announced that Big Brothers, Big Sisters of America agreed to pay $1.6 million to resolve allegations that the organization commingled federal grant funds with general operating funds, failed to segregate expenditures to ensure that the funds were used as intended, and failed to maintain internal financial controls to safeguard the proper use of those funds. The allegations arose from a 2013 audit performed by the DOJ OIG. In the wake of the audit, Big Brothers, Big Sisters replaced its management team.

Understand the Difference Between Direct and Indirect Costs; Invoice Accordingly

Direct and indirect costs are treated differently under federal grant rules. Direct costs are incurred for a specific grant purpose and can be assigned specifically to a final cost objective of the federal grant. Typical direct costs include salaries and related fringe benefits for employees working on the grant, travel costs, and materials. Conversely, indirect costs (also referred to in the Uniform Guidance as Facilities and Administrative (F&A) costs) benefit multiple cost objectives and cannot be readily assignable to a single, specific objective of the federal grant. Typical indirect costs include salaries and related fringe benefits for administrative and clerical staff, general overhead expenses (such as insurance, taxes), and depreciation. Federal regulations note that there “is no universal rule for classifying certain costs as either direct or indirect (F&A) under every accounting system.” The rules allow grantees to choose whether to treat a cost as direct or indirect, and then require grantees to be consistent how they treat each type of cost. The purpose of consistent treatment of direct and indirect costs is to avoid double-charging in federal awards. Agencies will reject the classification of costs as direct when they are already covered under an organization’s indirect cost rate.

Characterizing costs as indirect as a means to circumvent limits on direct costs is unallowable, as demonstrated by the recent experience of International Education Services (IES). In 2021, HHS OIG disallowed nearly $20 million in costs that IES charged to 14 cooperative agreements under which IES was to provide residential shelter and related services to children in Texas under the Unaccompanied Children program. Over $850,000 of the disallowed costs were attributable to IES’s efforts to circumvent salary caps by charging excessive executive salaries to the grant’s indirect cost pool.

Mischaracterizing expenditures as direct costs when they should be indirect costs also creates FCA exposure. For example, faced with FCA allegations that it overcharged hundreds of grants by classifying the administrative costs of equipment and supplies as direct costs, the University of Florida settled for nearly $20 million.

Correctly Calculate Your Indirect Costs

Indirect costs are a significant portion of federal government grant costs. For instance, of the $23 billion spent by NIH in 2015 to support extramural research, $6.3 billion were paid for indirect costs of grantees. Institutions of higher education (IHEs) tend to have the highest indirect cost rates, averaging 27 percent under NSF grants for FY 2016, but other grantees also rely heavily on indirect cost recovery to recoup the costs to run federal grant programs.

Because they provide limited benefit to the federal government and their proper calculation is always open to debate, indirect costs have been the subject of significant attention by federal regulators in recent decades. Before the COVID pandemic, the GAO was already putting pressure on federal granting agencies to improve their oversight of indirect costs charged by grantees, and that pressure is even more intense today.

Federal grant regulations include detailed rules for determining the allowability of indirect costs by grantees, including different requirements for certain types of entities, including for IHEs and other nonprofit organizations. Allowable indirect costs can be established in an indirect cost rate (ICR) that is negotiated with one federal agency and applicable to all federal grants for a set period of time. Alternatively, organizations can use a de minimis ICR of 10 percent. Some grants, however, prevent or limit recovery of indirect costs.

Grantees do not need to charge indirect costs to their grants, and plenty of grantees conclude the expense of recovering their indirect costs would exceed the amounts recovered. If grantees do decide to recover indirect costs under their federal awards, they must adopt robust internal controls to ensure and document full compliance with the requirements. Common pitfalls relating to indirect costs include adding excessive costs in the base pools used to calculate the ICR, using the incorrect ICR to calculate costs charged to grants, and charging indirect costs to a grant when indirect costs were not part of the approved award budget.

Improper application of ICRs can also lead to FCA liability. In 2016, Columbia University agreed to pay the government $9.5 million to settle FCA claims after admitting that it charged its 61 percent on-campus ICR, rather than its much lower off-campus 29.4 percent ICR, to 423 NIH research grants between 2003 and 2015.

Accurately Track Time and Effort

Unlike other costs, labor is not supported by external documentation or physical evidence to provide independent verification. As a result, it is an area ripe for fraud and mismanagement. Recent FCA enforcement actions demonstrate heightened focus on grantee failures to follow federal rules related to time and effort (T&E) requirements. A common practice within organizations is to use a T&E system that allows automatic allocation of employee time to multiple projects and allow batch approval by supervisors; however, this type of system does not comply with the Uniform Guidance and creates FCA risk.

Federal rules allow flexibility in the design of T&E internal controls, but effective T&E systems must ensure that all personnel charges are allowable under law and contract, allocable to the grant, reasonable, and auditable. Grantees that fail to create and retain documentation to support T&E charges risk cost disallowance and FCA enforcement, as demonstrated by the experiences of the University of North Texas (UNT) and the University of Florida.

The $13 million UNT settlement discussed above involved allegations that UNT failed to ensure that timekeepers and their supervisors provided appropriate and timely certifications of accuracy. In addition to the inaccurate and untimely certifications, UNT’s records of salary payments drawn from federal funds did not match their T&E reports.

A $20 million settlement in 2015 by the University of Florida, also discussed above, resolved allegations of improper charging to HHS for salary and administrative costs on hundreds of grants. The federal government alleged that between 2005 and 2010, the University overcharged hundreds of grants for the salary costs of employees without documentation to support the level of effort claimed on the grants for those employees.

T&E controls that do not ensure the government is billed for the proper percentage of T&E and only for those employees who worked on the grant also create significant FCA risk, as learned by the University of Alabama at Birmingham (UAB) and Yale University. UAB paid $3.39 million to settle FCA claims, including allegations that UAB overstated the percentage of T&E that researchers devoted to the grants, and also charged T&E for employees who did not work on the grants. Similarly, Yale University paid $7.6 million to settle allegations that it submitted time and effort reports charging 100 percent researcher time to federal grants when the employees were actually engaged in unrelated work. Of the $7.6 million Yale paid to resolve those claims, half was for actual damages, and the other half was for penalties under the FCA.

Choose Subrecipients Carefully and Monitor Their Performance as Closely as Your Own

Grantees that receive funding directly from a federal agency often rely on other organizations to help fulfill their grant obligations by delegating a portion of their obligations to a subrecipient through a subaward. When a grantee awards a subaward, the grantee becomes a “pass-through entity” because it passes grant obligations to the subrecipient. Conversely, purchases of property or services, including construction, are accomplished through contracts awarded to contractors. It is important for grantees to understand the difference between subrecipients and contractors because regulatory requirements are different.

No matter what portion of a grant is delegated to a subrecipient, prime grantees remain solely responsible to the granting agency for fulfilling the terms and conditions of the grant. Therefore, when selecting subrecipients, grantees must exercise caution because subrecipient noncompliance will typically be imputed to the grantee. The Uniform Guidance states that grantees must monitor subrecipient activities as necessary to ensure that funds are used for authorized purposes, in compliance with laws and subaward terms, and to ensure that performance goals are achieved.

The Uniform Guidance also addresses the format of payment under grants and subawards. The preferred method of disbursement is through advance funding, which allows grantees to immediately draw down funds to reimburse incurred costs. When subrecipients lack sufficient internal controls, subawards require reimbursements rather than advance payments. Under both the advance and reimbursement payment methods, subrecipients may only retain grant funds in an amount sufficient to cover actual costs incurred to achieve the public purpose. Fixed-price awards do not limit expenditure of federal funds to cover actual costs, and, therefore, the Uniform Guidance restricts the use of fixed-price subawards to mitigate the risk of grantees earning unchecked profit. For instance, fixed-price awards may not exceed the Simplified Acquisition Threshold, which is currently $250,000.

State, local, territorial, and tribal governments pass through the most federal grant funds, by far. In 2022, these governmental entities received roughly $1.2 trillion in federal aid, most of which was doled out to subrecipients. Given the magnitude of federal funds flowing through them, those local government agencies benefit from permanent professional grant staff and audit departments to assist with their grant compliance, as well as the liability protections afforded to public employees.

Auditors will evaluate grantee internal controls for subaward management, and auditors and investigators will look to prime recipients to provide documentation to support subrecipient compliance. Failure to monitor subrecipient compliance creates significant liability exposure for grantees. Federal agencies regularly disallow subrecipient costs when prime recipients are unable to produce source documentation for costs charged to federal awards. General ledgers or financial statements are not sufficient documentation to satisfy a grantee’s burden of demonstrating cost allowability.

Other participants in federal grant programs must design and adopt internal controls with much less institutional memory or support, which can be daunting, but is imperative to mitigate risk. For instance, grantees that pass along subrecipient invoices that contain false information are submitting false claims. The 2015 University of Florida settlement discussed above included allegations that its Jacksonville campus inflated the costs of services performed by an affiliated entity, Jacksonville Healthcare Inc. Internal controls are necessary to ensure that subrecipient costs billed to the government are not inflated.

Follow the Procurement Rules When Awarding Contracts and Subcontracts

Whereas grantees have wide latitude in selecting subrecipients, the process for selecting contractors is highly regulated and requires “full and open competition” in accordance with specific procurement methods. Grantee compliance with the detailed procurement regulations must be documented, including the grantee’s rationale for the chosen solicitation method, contract type selection, contractor selection, and contract pricing. In addition, before grantees can even award contracts, they must adopt specific policies, and the resulting contracts must contain specific terms and conditions. The October 2023 proposed revisions to the Uniform Guidance aim (in part) to streamline the procurement process.

Moreover, when federal grants flow through or contain matching funds from nonfederal public entities, like state agencies, local governments, school districts, water authorities, or tribal governments, grantees may be subject to procurement regulations of the nonfederal entity, adding multiple layers of regulatory requirements.

A particularly onerous part of the regulations relates to contract cost and price analysis. Organizations new to federal grant practice are often surprised by the rigor required to follow contract pricing rules. For instance, grantees must conduct an independent cost estimate for the goods or services to be purchased; analyze quoted costs for reasonableness, allowability, and allocability; and document the entire effort. When there is no price competition and when cost analysis is performed, the grantee must negotiate profit as a separate cost element in the contract. In addition, regulations contain strict limitations on the use of time-and-materials-type contracts.

Grantees often overlook the need to comply with regulatory procurement requirements when spending federal funds to pay vendors that organizations use in the ordinary course of business. It is imperative for grantees and their staff to understand what types of purchases qualify as contracts under their federal awards. If a cost is included in the indirect cost pool, it is not subject to procurement standards, but when it is charged as a direct cost to the grant, then procurement regulations apply.

Ineffective internal controls for procurement can expose grantees to fraudulent schemes by bad actors. Investigations by the USDOT OIG are replete with examples of bad actors cheating state and local agencies spending transportation funds. For instance, in 2022 a former executive of a contractor performing work on federally assisted transportation projects in North Carolina was convicted for his participation in bid-rigging and fraud schemes involving more than 300 projects. The company pleaded guilty to bid-rigging and conspiracy to commit mail and wire fraud and agreed to pay criminal fines of $7 million and restitution of $1.5 million.

In an extreme case, a contractor that won a $50 million demolition grant from HUD to allow construction of a new housing development failed to comply with the competitive bidding process when selecting construction contractors, instead manipulating the process to direct work to preferred contractors after recruiting other contractors to submit inflated bids, thereby creating the appearance of competition. Both the contractor and participating companies were indicted on numerous charges.

Be Cautious When Participating in Projects Involving Small and Disadvantaged Business Preference Requirements

Regulatory requirements to provide small and disadvantaged businesses with preferential treatment when selecting contractors is another area fraught with risk for grantees and their contractors. Again, a recent USDOT OIG investigation brings home the point. Massachusetts DOT hired a company to act as a prime contractor and construction manager for a federally funded bridge project. The contractor was required to award a certain percentage of its subcontracts to DOT-certified disadvantaged business entities (DBEs), and to ensure that those DBEs served a commercially useful function on the project. Instead, the government alleged that the prime contractor performed the commercially useful work and merely used the DBE as a pass-through to create the appearance that a disadvantaged business did the work. The prime contractor paid $1.1 million, and the DBE paid $146,000 to resolve the investigation, and the DBE was subsequently suspended from participation in federal programs of any sort.

Bad actions of contractors can drag suppliers into FCA liability, as well. In 2023, Sherwin-Williams paid $1 million to settle allegations that it was knowingly complicit in a fraudulent DBE scheme on a DOT-funded project. A non-DBE painting contractor subcontracted with a DBE supplier to provide paint for a bridge, but the DBE contractor did not perform any commercially useful function and was merely a “pass-through” entity that created the appearance of DBE participation. The non-DBE ordered the paint from Sherwin and Sherwin delivered the paint to the non-DBE company. Nonetheless, Sherwin invoiced the DBE for the paint, knowing that the DBE would mark up the cost and invoice the non-DBE—actions that led to FCA allegations against Sherwin.

Monitor Contractor and Subcontractor Performance or Risk Liability for Their Noncompliance

Grantees that rely on contractors to provide goods or services, including construction, in support of a federal award are responsible to the federal government for the actions of their contractors and must monitor their contractors to ensure they comply with all applicable award conditions.

The recent influx of federal funding, particularly for infrastructure, is bringing new entities into the federal grant world, including general construction contractors, specialty contractors, architects and engineers, material suppliers, and the vendors that support them. Contractors are often surprised to find federal compliance obligations in their contracts, including domestic sourcing requirements under the various “Buy America” statutes, and Construction Labor Standards (such as the Davis Bacon Act), and wage and hour requirements. Relying on contractors that are new to federal projects brings additional risks to the monitoring obligations of grantees. Even experienced contractors are struggling to adapt to the onerous new requirements under the 2023 overhaul of Davis-Bacon Act Construction Labor Standards and the new Buy American requirements in the Uniform Guidance.

The influx of federal emergency money during the COVID-19 pandemic overwhelmed many, including state and local agencies that were ill-equipped to spend so much money quickly and responsibly. Opportunistic bad actors exploited that chaos, and they continue to prey upon ill-prepared grantees. Recall the experience of the Minnesota Department of Education (MDE) discussed above. MDE relied on its subrecipient, Feeding Our Future (FOF), to manage the increased flow of federal funds to community feeding sites, pouring $240 million into hunger relief efforts through FOF from 2020 to 2021 with lax oversight, while FOF and its contractors allegedly perpetrated one of the biggest grant frauds in history.

Grantees should take extra caution if they choose to rely on contractors to help with complex grant administration tasks, as illustrated by the recent experiences of seven states that relied on bad advice from the same contractor. In 2021, the Florida Department of Children and Families agreed to pay $17.5 million to resolve allegations that it violated the FCA in its administration of the USDA’s Supplemental Nutrition Assistance Program (SNAP) after relying on bad advice from third-party consultants. The federal government alleged that the consultants advised and encouraged states to engage in manipulation of quality control data to downplay errors and submit false quality control data to the government, which led to unentitled performance bonuses. Virginia, Wisconsin, Texas, Louisiana, Alaska, and Mississippi also settled similar allegations, along with the consulting company and its owner.  

Pay Close Attention to Cost Sharing and Matching Obligations

Grant agreements often require the grantee to share costs or provide matching funds as a condition of the grant award. Cost share or matching funds are the portion of project costs not paid by federal funds, often including cash and third-party in-kind contributions. Grantees often take a more relaxed approach to cost share compliance because it does not involve federal funds, but cost sharing obligations are contractual requirements that create more administrative requirements, not fewer. Contributions will only qualify for cost share credit if they are verifiable in the grantee’s records, are not included as contributions in other federal awards, are necessary and reasonable for accomplishment of the project, are allowable, did not come from another federal source, and are otherwise included in the approved project budget. To survive a cost share audit, grantees must demonstrate the source of cost share contributions and document that the contributions were valued in accordance with specific cost share valuation procedures. Grantees that offer cost sharing or matching funds should have internal controls on those subjects.

Remedies for failing to comply with cost share requirements vary depending on legislative and program requirements. In some cases, failure to meet cost share obligations will result in a reduction in grant funding commensurate with the shortfall in cost share.

Shortfalls in other programs lead to mandatory loss of all grant funds for that fiscal year on the theory that failure to satisfy cost share obligations constitutes a misuse of funds. Improper claims for cost share and matching credit can also give rise to FCA liability. In 2006, the University of Connecticut agreed to pay the federal government $2.5 million to settle a variety of FCA allegations, including that the University failed to provide the required cost sharing and matching. The FCA case implicated 500 federal grants from 1997 to 2004.

Failure to follow specific grant requirements related to cost sharing can also result in disallowance of cost share credit, and related agency disputes. As a condition of federal funding for a Job Opportunities and Basic Skills (JOBS) program, the State of Mississippi agreed to cost sharing. To achieve its cost share goal, the state contracted with the University of Mississippi to provide telecast education and training to JOBS program participants throughout the state. The federal awarding agency disallowed $1.3 million in cost share expenditures for failure to comply with cost accounting requirements. Although the state won its appeal of the disallowance, the dispute was an expensive detour for both the state and the University.

Adhere to Closeout Requirements and Return Unobligated Funds

A grant ends when it is closed out by the awarding agency or pass-through entity, which occurs when all applicable administrative actions and all required work of the federal award have been completed by the grantee. A grantee’s failure to comply with closeout requirements results in adverse information in the publicly available federal system of responsibility and qualification, which can affect that organization’s ability to receive federal awards in the future, and may lead to other enforcement actions.

One closeout requirement that grantees and agencies often overlook is the obligation to liquidate all financial obligations incurred during the period of performance within 120 days after the end of the period of performance, and to refund unobligated cash.

Failure to return unused grant funds creates FCA liability. In 2019, the University of Texas Health Science Center (UTHSC) at Houston paid $2.4 million to resolve FCA claims that it misappropriated grant funds when it drew down a significant portion of a 2012 NIH grant fund by ordering $1.2 million in genetic sequencing material just before the end of the grant period to avoid having to return unused funds. The government alleged that after grant closeout, UTHSC stopped shipment of the material and obtained a $1.2 million credit from the vendor, which it used to purchase goods and services from 2012 to 2017.

When grantees earn rebates or credits from vendors based on federal grant expenditures, the Uniform Guidance requires that grantees pass those benefits along to the federal government. Failure to do so leads to FCA liability, as the University of Wisconsin learned in 2019 when it paid $1.5 million to resolve allegations that it earned rebates and discounts from supply and equipment vendors and applied them to supplies and equipment purchased by grant funds but failed to credit the associated rebates to the grants.

Beware of Compliance Obligations That Survive Grant Closeout

Not all compliance obligations expire after grant closeout. It is essential that grantees understand and adhere to all surviving obligations, which include record retention, confidentiality, property standards, and intellectual property obligations, such as sharing patent royalties.

In 2023, Yale University and one of its professors paid $1.5 million to settle FCA and common law claims that they patented inventions developed through research funded by the US Department of Veterans Affairs (VA) but did not disclose patents to and share patent royalties with the VA. The government alleged that the professor disclosed patents to Yale, but Yale did not disclose those patents to the VA. In addition, the government alleged that Yale subsequently assigned the patent to another school that submitted documents to the US Patent and Trademark Office, removing any acknowledgment of support from the VA.


Recent expansion of federal grant funding has created thousands of new opportunities for organizations to participate in federally funded projects. Organizations that choose to seize these opportunities should proceed with caution, adopt best practices, and learn from the mistakes of others.