Audit Requirements for Nonprofits: The James Moore Guide

We’ve seen it more times than we can count: a nonprofit scrambling for an audit because a grant deadline is around the corner. And sure, that audit gets done. But it’s treated like a checkbox, a means to an end. What’s often overlooked is how much insight and strength an audit can actually bring to the organization itself.

If your nonprofit operates with $10 million or more in annual revenue, the stakes are simply higher. Large budgets bring larger responsibility. Financial transparency keeps your leadership informed to make better decisions, your funders confident to continue their support, and your mission protected.

So rather than waiting until someone else tells you it’s time for an audit, it’s worth taking a closer look at what really triggers audit requirements and how you can use that process to strengthen your operations from the inside out.

When an Audit is Required: Bylaws, Boards and Best Practices

Many nonprofit boards include audit requirements directly in their governing documents. And honestly, it’s a good move. Requiring an audit at a certain revenue threshold shows foresight and a commitment to fiduciary integrity. If you’re responsible for overseeing a multi-million-dollar budget, your decisions are only as good as the financial data in front of you.

That’s where an audit brings more than just peace of mind. It provides independent assurance that the financial reports your board is reviewing are reasonable and complete. This becomes especially important when board members are asked to approve budgets, expansion plans or grant applications that hinge on those numbers.

If your bylaws don’t currently require an audit, it may be time for a policy review. Not every nonprofit is legally obligated to conduct one, but that doesn’t mean it’s not in your best interest.

And if a full audit feels like too much for your current budget or size, a financial review might be the better fit. Reviews are more limited in scope and typically more affordable, yet they still provide outside assurance that can satisfy similar needs for boards, funders and lenders alike.

We’ve also seen organizations turn to agreed-upon procedures (targeted testing of specific accounts or internal controls) as a cost-effective way to address specific concerns. These aren’t full audits, but they’re certainly a step up from flying blind.

Whichever option you pursue, it’s important to treat these processes as tools to improve governance, not hurdles to jump over. Your board, your leadership and your funders deserve reliable financial information they can trust.

Funders and financial covenants: When the audit isn’t optional

Sometimes the decision to obtain an audit doesn’t rest with your leadership. Instead, it’s dictated by the requirements of banks, private grantors or government agencies. It’s common to see funders requesting audited financial statements as a condition of support. These requirements are for you to demonstrate your organization’s financial strength, internal controls and long-term viability.

Let’s start with banks. When your nonprofit seeks a loan or line of credit, lenders often require audited financial statements to assess your ability to meet repayment obligations. It’s also common to see financial covenants attached to the lending agreement. These might include maintaining certain debt ratios, liquidity benchmarks or net asset thresholds. In some cases, the lender may accept a financial review or even cash-basis financials. But that flexibility depends on the size of the loan and the risk appetite of the institution. Larger loans almost always mean higher assurance requirements.

Private grantors also tend to set the bar high. Foundations and large donors want assurance that their funds will be used responsibly. That’s why grant applications often ask for recent audits. If your nonprofit is pursuing high-dollar grants, being audit-ready is a strategic advantage. Missing this step can delay application processing or even disqualify you from consideration. It’s equally important to keep strong documentation around donor restrictions, spending compliance and financial reporting. That level of transparency builds trust and positions you for long-term funding success.

If your nonprofit isn’t currently subject to these requirements, now is the time to start preparing. Establish internal processes to track funder conditions, review your financial policies and get familiar with your organization’s debt or covenant obligations. Building this readiness early gives your team more flexibility when opportunities arise.

Knowing your state’s thresholds: One size doesn’t fit all

Even if a lender or grantor doesn’t require an audit, your state might. Most states have contribution-based thresholds that trigger audit, review or compilation requirements for charitable organizations. The key word here is contribution, not total revenue. This catches many organizations off guard. For example, a nonprofit with $5 million in earned revenue and $600,000 in contributions may still be subject to audit or review rules based solely on that contribution number.

In Florida, the rules are clear. If your nonprofit receives $500,000 or more in total contributions during the fiscal year, you must obtain a financial review. If your contributions reach $1 million, a full financial audit is required. These rules apply regardless of whether you’re headquartered in Florida, as long as you’re soliciting contributions from Florida residents.

Other states have different benchmarks, which can cause confusion for nonprofits with regional or national reach. Some states require audits as low as $250,000 in contributions. Others may not require anything until you hit several million. We recommend reviewing this interactive nonprofit audit requirement guide maintained by the National Council of Nonprofits. It breaks down each state’s requirement by contribution level, reporting threshold and documentation standards.

If your nonprofit is actively fundraising across multiple states, these thresholds should be part of your compliance calendar. Failing to meet them can result in penalties, delayed registrations or loss of good standing with the state charity officials. On the other hand, proactively tracking your contribution levels can help you budget for future audit needs and avoid scrambling at the eleventh hour.

Federal and state single audits: What they are and when they apply

If your nonprofit receives significant government funding, you may be subject to what’s called a single audit. Unlike a traditional financial audit that focuses only on your numbers, a single audit includes a detailed compliance review tied to the terms of your major federal or state grants.

Here’s how the thresholds break down. For fiscal years ending on or after September 30, 2025, any organization that expends $1,000,000 or more in federal awards must undergo a single audit. (Fiscal years ending prior to this date were subject to single audit at $750,000 or more of federal expenditures.) In the state of Florida, the threshold for state financial assistance remains at $750,000. If your organization meets or exceeds either of those thresholds, you’re required to complete both a full financial audit and a compliance audit in accordance with Uniform Guidance.

The compliance portion of a single audit focuses on how your organization used its grant funding. It evaluates whether you followed the terms of the grant agreements and spent funds in accordance with federal or state rules. This can include procurement policies, allowable cost principles, matching requirements and reporting obligations.

The process involves categorizing larger programs as either Type A or Type B depending on the amounts expended. The auditor then determines which of these programs qualify as major programs (which are the ones that undergo compliance testing based on size and risk).

It’s important to note that the single audit process takes time and preparation. Grant accounting must be precise. Supporting documentation should be available for every dollar spent. Program managers should understand their roles in compliance just as much as your finance team. Poor documentation or internal control weaknesses can result in findings, which are publicly disclosed and may affect your ability to receive future funding.

If your organization is close to the federal or state thresholds, it’s worth reviewing your grant agreements now. Tracking award expenditures by source and fiscal year will help you know when a single audit is required and allow you to plan accordingly.

Audit vs. review: Choosing the right level of assurance

When it comes to financial oversight, a full audit is not always required. In some cases, a financial review may be sufficient to meet your board’s needs or satisfy lender and donor requirements. Understanding the difference between the two can help you make the right decision for your organization and your budget.

A financial audit provides the highest level of assurance. It involves testing internal controls, confirming balances with third parties and reviewing supporting documentation. The goal is to express an opinion on whether your financial statements are presented fairly in accordance with generally accepted accounting principles (GAAP).

A financial review, on the other hand, provides more limited assurance. The CPA performing the review will analyze your financial statements and perform analytical procedures, but they generally will not test internal controls or verify balances. However, the CPA will still express whether they are aware of any material modifications that should be made to the financials.

In practical terms, reviews cost less and take less time than audits. They are a common option for nonprofits that fall below audit thresholds or are early in their growth. Reviews still show stakeholders that your organization has taken the step of engaging an outside expert to evaluate your financials. And they can be especially useful when paired with targeted procedures like internal control assessments or grant compliance testing.

If your nonprofit has never been audited and is considering one for the first time, a review might serve as a stepping stone. It provides your team with experience working with independent accountants and helps you strengthen internal processes before undergoing a more detailed examination.

That said, not all funders or lenders will accept a review in place of an audit. It’s important to understand the requirements of your specific agreements. Some may allow flexibility, while others will require a full audit regardless of your size.

Do nonprofits need an audit? What to know before your next grant or review

Audit requirements for nonprofits are never one-size-fits-all. From board policies to federal grant thresholds, the reasons behind an audit vary widely. Some are driven by compliance, while others are rooted in good governance and smart financial management.

But here’s the thing. An audit is more than a compliance exercise. It’s a chance to assess your financial health, strengthen internal controls and build confidence with the people who support your mission. Being proactive about audit planning can help you avoid surprises, respond confidently to funder requests and stay ahead of regulatory thresholds.

If you’re unsure whether your organization needs an audit, a review or something in between, we are here to help. The team at James Moore has deep experience supporting nonprofits across the spectrum — from those preparing for their first audit to those managing complex single audit requirements. We tailor our services to your size, your funding profile and your long-term goals.

Contact a James Moore professional to talk through your current needs and build a plan that keeps your nonprofit strong, compliant and ready for the next opportunity.

All content provided in this article is for informational purposes only. Matters discussed in this article are subject to change. For up-to-date information on this subject please contact a James Moore professional. James Moore will not be held responsible for any claim, loss, damage or inconvenience caused as a result of any information within these pages or any information accessed through this site.