Mandatory disclosure obligations significantly changed for federal grant recipients, sub-recipients, and applicants on October 1, 2024. The amended federal regulation establishing these mandatory disclosures (2 C.F.R. § 200.113) not only expands the scope of conduct that must be reported but it also lowers the standard of evidence triggering the mandatory disclosure. The regulation, which is a component of the Office of Management and Budget’s Uniform Guidance, applies to all federal grants, including approximately $350 billion disbursed under the American Rescue Plan Act (ARPA).

The Old Regulation v. the Amended Regulation

The prior version of 2 C.F.R. § 200.113 required non-federal entities and applicants to disclose “all violations of Federal criminal law involving fraud, bribery, or gratuity violations potentially affecting the Federal award.” The amended version is more expansive and now requires reporting whenever a grant recipient, subrecipient, or applicant “in connection with the federal award… has credible evidence of the commission of a violation of Federal criminal law involving fraud, conflict of interest, bribery, or gratuity violations found in Title 18 of the United States Code or a violation of the civil False Claims Act.” (emphasis added)

The amended version is far more expansive and makes a number of changes. The two most significant changes are:

• lowering the standard of evidence required to trigger a mandatory disclosure to the government; and
• expanding the categories of conduct which may be reportable.

Lowers the Standard for Reporting

The change lowers the standard that triggers a reporting obligation. Whereas the grant recipient, subrecipient, or applicant previously had to conclude that a “violation” of one of the listed types of federal criminal statutes had occurred, now merely having “credible evidence” of such conduct triggers that reporting obligation. The relevant guidance released on the issue (Federal Register: Guidance for Federal Financial Assistance) noted that the government:

found the proposed “credible evidence” standard more appropriate because it would not require recipients, subrecipients, and applicants to make a firm legal determination that a criminal law had been violated before they were required to make a disclosure of “credible evidence” of such a violation to the Federal agency, pass-through entity (if applicable), and the agency’s Office of Inspector General.

 “Credible evidence” is not defined in the regulations, but the guidance refers to the meaning applied under the Federal Acquisition Regulation (FAR), which states that the “term indicates a higher standard [than reasonable grounds to believe], implying that the contractor will have the opportunity to take some time for preliminary examination of the evidence to determine its credibility before deciding to disclose to the Government.” The revised version of § 200.113 effectively adopts the spirit, and much of the letter, of the FAR’s mandatory reporting obligations.

Expanded Scope of Conduct Required to Report

The amendment also expands the scope of conduct that must be reported. Now, in addition to reporting conduct that, if established, would violate federal criminal fraud, bribery, or gratuity statutes, there is also an obligation to report credible evidence of violations of federal criminal conflict of interest laws and violations of civil False Claims Act (FCA). Under the FCA, liability results from both the submission of false or fraudulent claims for payment to the federal government and the retention of funds improperly received. Under the statute, individual whistleblowers are incentivized to report potential FCA violations by the prospect of sharing in a portion of the fees recovered by the government.

While adding criminal conflict of interest laws to the list of reportable offenses is likely to have some effect, the far greater impact will stem from the requirement that FCA violations be reported for two reasons. First, the FCA is a civil statute, applying a level of scienter lower than most criminal violations that were previously subject to reporting obligations. Activity that might not rise to a criminal violation may trigger FCA liability. Requiring only “credible evidence” of such an FCA violation effectively increases the number of times when reporting obligations will be triggered. Second, the prospect of a whistleblower identifying and reporting an FCA violation (or even credible evidence of such) before it is identified by the grant recipient, subrecipient, or applicant heightens the risk of a violation of the disclosure obligation.

Other Changes

While the regulation’s requirement that the disclosure be “in writing” remains the same, the revised version mandates that the relevant agency’s Office of Inspector General also receive a copy of the disclosure. The purpose of this change seems clear: to facilitate the investigation, and possible criminal prosecution, of the underlying conduct.

In addition, the revised version modifies the essentially “jurisdictional” element of the original version that the identified violation “potentially affect [] the Federal award.” The revision narrows the scope slightly, mandating that the violation have some “connection with the Federal award.” According to the guidance, this change was intended to exclude from disclosure those violations, arguably covered by the original version, which have “only a tenuous potential effect or connection” to federal funds.

Failure to Make Required Disclosures

Despite these changes, one element of § 200.113 remains the same. Both versions provide that “failure to make the required disclosures can result in any of the remedies described in” a separate regulation (2 C.F.R. § 200.339). That provision provides for a range of sanctions, including temporarily withholding grant funds, suspending or terminating the award, or initiating suspension, in addition to permitting the government to “pursue other legal available remedies.” Notably, nothing in that regulation forecloses the government from pursuing criminal sanctions relating to either the underlying conduct or the failure to report its occurrence.

Takeaways

While this regulatory change occurred without much fanfare, it substantially impacts federal grant recipients, sub-recipients and applicants. Those who have already received federal grant funds – whether under the ARPA or otherwise – must take heed of the new regulation’s impact and abide by its obligations. This means:

• Being proactive. Establish a comprehensive compliance program to identify potential conduct that may require disclosure. If one is already established, revisit the compliance program and ensure its effectiveness. 
• Being prepared. Be prepared to receive, investigate, and, where necessary, report promptly the mere existence of “credible evidence” demonstrating certain potential criminal and civil violations. This level of commitment is particularly important given the Justice Department’s recent efforts to encourage whistleblower reports by offering the prospect of immunity when would-be whistleblowers are complicit and financial bounties when they are not (DOJ Implements New Whistleblower Reward Program | Eye on Enforcement). Failure to heed and prepare for the challenges of this new environment can create not only civil and criminal exposure for individuals and companies involved in the grant process, but also existential risks to the entities who seek and receive those funds.

Listen to this post