nonprofits

Read this article if your role includes hiring, contracting, or credentialing licensed healthcare providers, healthcare professionals, and support staff across the healthcare spectrum, as well as those who work with interim staffing, locum agencies, and third-party healthcare vendors and suppliers. 

Exclusion screening is one of those healthcare requirements that can feel routine—until it isn’t. An essential element of credentialing, it is the process of regularly checking whether individuals or entities that are connected to your organization appear on federal exclusion lists, created and maintained by the US Department of Health & Human Services Office of the Inspector General (OIG) and the System for Award Management (SAM). Individuals or entities on the list may be prohibited from participating in federally funded healthcare programs. When a match is overlooked, the consequences can lead to financial, legal, operational, and reputational risk for an organization.

The challenges of exclusion screening 

Even the best-run organizations might let exclusion screening fall through the cracks—particularly when it is treated as a one-time onboarding step instead of a recurring monitoring process. From limited staffing to competing priorities across credentialing, compliance, medical staff offices, human resources, and operations, it’s a crucial task that needs to be owned by someone in the organization to help ensure it happens routinely. 

The consequences of missing an exclusion 

If your organization employs or contracts with an excluded individual or entity, the risk can extend well beyond initial oversight. Potential consequences may include significant civil monetary penalties, overpayment liability, required corrective actions, and reputational damage. More importantly, exclusions often relate to serious underlying issues such as healthcare fraud, patient abuse or neglect, licensing problems, financial crimes, or drug-related violations, which means missing a listing can undermine patient safety and trust. 

While most professionals act in good faith, you can’t rely on individuals or entities to self-disclose their exclusion status. In some cases, individuals might not disclose because they need the job, don’t fully understand their status, or the exclusion happened after they were screened at the point of hire.  

Ongoing exclusion screening is key 

Exclusion screening isn’t a “set it and forget it” compliance regulation. Even if there are no findings today, that does not guarantee a clean result next month. A status can change, new records could be added, or there could be a delay in reporting. That’s why it’s essential for healthcare organizations to treat exclusion training as an ongoing monitoring commitment and have a clear process for reviewing results and flagging potential findings. 

Practical guidance for exclusion screening  

• Be proactive: Understand the regulations that apply to your organization.  
• Define ownership: Assign exclusion screening oversight responsibilities to a specific role or team—and ensure there is a backup so the process happens even when someone is out.  
• Develop an internal process: Identify what cadence (monthly is recommended), which databases you check (i.e., OIG, SAM), and how to document results.  
• Use strong identifiers: Collect and maintain the necessary information to reduce false positives and confirm accurate matches.  
• Create a plan: Define a clear process for how you’ll handle a potential match, including who needs to be involved (compliance, HR, etc.) and how to investigate. 

Don’t underestimate the importance of exclusion screening or the potential consequences of missing excluded or sanctioned individuals or entities.

BerryDunn can help with exclusion screening 

Recognize when it’s time to seek help. If your team is stretched, unsure of how consistently you are screening, or investing too much time in investigating potential matches, it may be time to bring in help. 

BerryDunn’s credentialing professionals are adept at navigating the challenges providers face. As an organization certified by NCQA in Credentialing (CR) across all 11 credentialing elements, we help clients streamline processes with strict adherence to compliance and regulatory standards. We equip organizations with resources to manage credentialing and compliance risks by performing continuous monitoring of federal exclusion lists. These monitoring activities help our clients comply with federal mandates prohibiting healthcare organizations from hiring or doing business with excluded or sanctioned individuals or entities. Learn more about our team and services. 

Procurement is often described as “ground zero” for audit findings—and for good reason. In single audits and other compliance reviews, procurement files are one of the first places auditors look. Not because organizations are acting in bad faith, but because procurement is where documentation, judgment, and regulatory requirements collide. 

The good news? Most procurement findings are preventable. With the right structure, controls, and habits in place, organizations can significantly reduce risk while making procurement more efficient and defensible. Below are practical, hands‑on steps organizations can take to move toward truly audit‑ready procurement. 

What “audit‑ready” really means 

Audit‑ready procurement isn’t about having a great explanation when questions arise. Auditors don’t audit intent or institutional knowledge—they audit files. 

An audit‑ready procurement file clearly and completely demonstrates that: 

• The procurement method was appropriate 
• Competition was real and fair (or properly justified when not) 
• Prices were reasonable 
• Vendors were eligible and responsible 
• Required approvals and controls were followed 

All of this must be documented in a way that aligns with 2 CFR 200.317–327 and tells a clear procurement story from start to finish. 

If that story isn’t obvious from the file itself, risk increases quickly. 

Use the 5‑Pane File Model to organize every procurement 

One of the most effective ways to reduce procurement risk is to structure files around the questions auditors actually ask. The 5‑Pane File Model does exactly that: 

1. Plan – Why this method? 
   Document the procurement method selected, the applicable thresholds, and why that method was appropriate at the time. 

2. Compete – Was competition real? 
   Include solicitations, bid lists, evaluation criteria, and justification when competition is limited or not feasible. 

3. Analyze – Is the price reasonable? 
   Cost or price analysis is required for all procurements—regardless of dollar value or method. This is a frequent gap. 

4. Award – Was the vendor eligible? 
   Responsibility checks, including SAM.gov verification, conflict‑of‑interest disclosures, and required contract clauses, belong here. 

5. Administer – Was the contract managed? 
   Post‑award monitoring, amendments, approvals, and performance oversight are often overlooked—but auditors expect to see them. 

Using this structure consistently creates files that are easier to maintain, easier to review, and far easier to defend. 

Watch for these common (and costly) pitfalls 

Across municipalities, nonprofits, and other federally funded organizations, certain procurement issues show up again and again: 

• Artificially splitting procurements to stay under thresholds 
• Selecting the wrong procurement method—or failing to reassess it 
• Weak or missing competition documentation 
• No cost or price analysis 
• Missing or outdated federal contract clauses 
• Assuming responsibility checks were completed, without evidence 
• Poor post‑award contract administration 

Individually, these gaps may seem minor. In an audit, they often snowball into findings, questioned costs, and funding risk. 

Learn from real‑world audit findings 

Consider two scenarios we see frequently in audits: 

1. Emergency procurements that never transition 
   An emergency justifies noncompetitive procurement—but only for as long as the emergency exists. When work continues after exigent conditions end, organizations must reassess the procurement method, document justification, and perform cost or price analysis. Failure to do so often results in invalidated sole‑source determinations and questioned costs. 

2. Contracts that follow internal policy—but violate federal rules 
   Internal procurement policies don’t override federal requirements. Percentage‑based contracts, for example, are prohibited under Uniform Guidance regardless of entity type. Without documented review of contract type compliance, organizations can unknowingly create audit findings—even when they believe they followed their own rules. 

The lesson is clear: documentation and reassessment matter just as much as initial decisions. 

Build controls that actually work in practice 

Strong procurement controls don’t have to be complex—but they do need to be consistent and practical. High‑performing organizations often implement the following: 

• Standardized procurement file checklists aligned to federal requirements 
• Required approvals at each stage of the 5‑Pane File 
• Triggers to reassess emergency or sole‑source procurements 
• Standard templates for:  
  • Sole‑source justifications 
  • Cost or price analyses 
  • Conflict‑of‑interest disclosures 
• Centralized digital file storage with consistent naming conventions 
• Periodic self‑reviews of procurement files using an auditor’s lens 

These controls shift procurement from a reactive process to a proactive one. 

Make audit readiness part of everyday procurement 

The most important takeaway is also the simplest: If it isn’t documented, it didn’t happen. 

Audit‑ready procurement isn’t about perfection—it’s about consistency. Small documentation gaps create big audit risks, but they’re also the easiest risks to fix when organizations know where to look. 

By structuring procurement files intentionally, reassessing decisions as conditions change, and embedding practical controls into daily workflows, organizations can protect federal funding, reduce audit stress, and strengthen overall governance. 

How BerryDunn can help 

At BerryDunn, we work hands‑on with organizations to identify procurement gaps, strengthen internal controls, and build audit‑ready processes that stand up to scrutiny. Our approach is practical, regulatory‑informed, and grounded in real audit experience—helping clients close gaps before auditors ever find them. Learn more about our services and team.  

Benjamin Franklin is attributed with having once said: “Nothing is certain but death and taxes.” While true, 501(c)(3) organizations, which are exempt from income taxes on activities related to their exempt purposes, could have a different spin on Ben Franklin’s classic line: “Nothing is certain but death, taxes, and Schedule A.” This is because any 501(c)(3) organization (or organization treated as such) claiming tax exemption as a public charity is required in one way, shape, or form to complete Schedule A. 

While at first glance the schedule seems easy enough, it is chock-full of nuances, potential limitations, and issues that can make or break a public charity’s tax-exempt status. To borrow from a somewhat less historical source, Avril Lavigne once observed, “Why’d you have to go and make things so complicated?”

This article is the first in a two-part series that provides a detailed examination of Form 990, Schedule A, offering practical guidance to the many organizations responsible for its complete and accurate preparation. Part one will focus on organizations that qualify under Part I, Line 7—509(a)(1) and the steps required to substantiate this classification through the Part II public support test.  

What is Schedule A? 

As noted above, Schedule A is required for all 501(c)(3) organizations claiming public charity status. Other tax-exempt organizations—such as 501(c)(2)s, 501(c)(4)s, 501(c)(5)s, and 501(c)(6)s—are not required to complete it. Additionally, 501(c)(3) private foundations are exempt from this requirement, as they file Form 990-PF instead.  

In simple terms, Schedule A lets the IRS confirm that an organization is truly supported by the public, which is what allows it to keep its public charity status. 

This determination begins in Schedule A, Part I, where an organization selects one of the IRS‑defined public charity categories listed on lines 1–12. Certain organizations, such as churches, schools, and hospitals, qualify automatically and are recognized as public charities without needing to demonstrate public support. 

For organizations that do not meet one of these automatic classifications, public charity status must instead be demonstrated through one of two IRS public support tests: 

• Organizations primarily supported by contributions generally rely on the Part II public support test 
• Organizations that earn most of their revenue from program service activities may qualify under the Part III public support test 

These two tests form the core framework through which many nonprofits establish and maintain public charity status. However, if an organization fails the applicable public support test for two consecutive years, it will automatically become a private foundation and face stricter rules and reporting requirements. Understanding these basics helps ensure your organization remains well‑positioned to maintain its public charity status and avoid surprises down the line. 

The basics: Understanding Schedule A, Part II 

Who qualifies? 

An organization qualifies as a public charity under Part II, over the five-year computation period, if it meets either of the following thresholds: 

• More than 33.33% of its total support is from governmental units, contributions from the general public, and contributions or grants from other public charities 
• More than 10% of its total support is from governmental units, contributions from the general public, and contributions or grants from other public charities, and the facts and circumstances indicate it is a publicly supported organization 

How is Part II different from Part III? 

1. Excess contributions 
A critical feature of the Part II public support test is how the IRS treats large contributions from a single donor. On Line 5, organizations must exclude the portion of a donor’s contributions that exceeds 2% of the organization’s total support over the five‑year computation period (the current year plus the four preceding years). 

This safeguard prevents an organization from appearing “publicly supported” merely because a few large donors provided most of its support. Instead, the Part II test is designed for organizations that maintain a diverse donor base, with many contributors giving smaller amounts rather than relying on a handful of major donors.  

It is important to recognize that certain types of support, such as contributions from governmental units or other publicly supported organizations qualifying under section 170(b)(1)(A)(vi), are not subject to exclusion under the 2% limitation rule. These sources are considered inherently public in nature and therefore always count fully toward public support, even when the amounts received are large.

Example: Calculating excess contributions 
Assume the organization has $4,000,000 in total support for the five‑year period. 

• The 2% limit is: $4,000,000 × 2% = $80,000

Now consider two donors: 

• Donor A contributes $50,000 → below the $80,000 limit 
  • None of Donor A’s contribution is an excess contribution. 
  • Full $50,000 counts as public support. 
• Donor B contributes $200,000 → above the limit 
  • Excess: $200,000 − $80,000 = $120,000 
  • Only $80,000 counts toward public support. 
  • The $120,000 excess must be reported on Line 5 and excluded from the numerator. 

Although large donations are beneficial for operations, they can hurt public support percentages if they are concentrated in a few donors. 

Key takeaway: For organizations completing the Part II test, it is essential to stay vigilant around donor concentration throughout the five-year period to ensure that the organization is not receiving the majority of their support from just a few donors. 

2. Treatment of unusual grants 
Another nuance to the Schedule A, Part II test is the treatment of unusual grants. Unusual grants are large, unexpected contributions from disinterested parties that would skew an organization’s public support percentage if treated as regular support. Because these gifts are extraordinary in size and could jeopardize an organization’s ability to meet the 33.33% public support test or the 10% facts‑and‑circumstances test, they are excluded entirely from both the numerator and denominator of the Part II calculation. This allows organizations to accept significant one‑time gifts without risking “tipping” into private‑foundation status. Organizations must report the amount only in Schedule A, Part VI, and keep internal records documenting the donor, date, and why the grant qualifies as unusual.

3. The 10% facts‑and‑circumstances test
For organizations completing Schedule A, Part II, the 10% facts‑and‑circumstances test provides a backup option for demonstrating public charity status if they fall short of the standard public support requirement. If an organization does not meet the 33.33% public support requirement under Part II, it may still qualify as a public charity as long as it still receives at least 10% public support and it can demonstrate that it truly operates for the benefit of the community.  

The IRS considers a variety of factors to determine whether an organization still functions as a public charity. This includes whether it actively fundraises from the general public, whether its board of directors reflects the community it serves, and whether its programs, services, and facilities are open and easily accessible to the general public. The IRS also looks at whether the organization receives grants or support from government agencies, which reinforces that it operates for the general public and not private benefit. 

This backup rule helps organizations maintain public charity status during years when donation patterns fluctuate—for example, when a large gift temporarily skews the support ratio or when a newer organization is still building its donor base. With good records and a clear explanation of how it serves the public, many organizations can rely on this test when their support dips below the standard threshold. 

4. The Schedule B “special rule” 
Organizations that complete and pass the Schedule A, Part II support test may also qualify for the “special rule” related to donor disclosure on Form 990, Schedule B. Under the general Schedule B rules, organizations must report any donor who contributed $5,000 or more during the year, including the donor’s name and address. However, organizations that complete and pass the Part II support test are only required to disclose donors whose contributions exceed 2% of the organization’s total contribution income for the year. This higher disclosure threshold can significantly reduce the Schedule B reporting burden, particularly for organizations that receive a substantial portion of their revenue from individual contributions. 

Pro tip: Certain organizations (namely, colleges and universities) can opt to complete the Schedule A, Part II support test in order to take advantage of this special rule as well. For additional information, please see the article, Easy ‘A’ for schools: Pass the test to reduce requirements under Schedule B. 

Now that we’ve covered how Schedule A, Part II measures public support based largely on contributions, the next step is understanding the alternative approach. In the second article in our series, we’ll explore Schedule A, Part III, which is often a better match for organizations supported primarily through program services and fees. 

We can help

BerryDunn’s team of professionals serves a range of nonprofit organizations, including but not limited to educational institutions, foundations, behavioral health organizations, community action programs, conservation organizations, and social services agencies. We provide the vital strategic, financial, and operational support necessary to help NFPs fulfill their missions. Learn more about our team and services. 

When a company is operating successfully and seeking liquidity—whether to fund growth or return value to shareholders—two primary pathways or “tracks” exist: the public market (IPO), and the private market (a sales transaction). 

The private market track can take several forms: 

• A full or partial sale to a strategic buyer 
• A full or partial sale to a private equity fund (a financial buyer)  
• A hybrid approach involving both strategic and financial buyers 

Why consider both tracks at once? 

Companies can increase their valuation by investing in the dual-track process. Private markets understand that well-run, high-growth, prepared companies have a public market option and can go either way. The primary advantage of this dual process is to maximize shareholder value. Additional benefits include: 

• Saving time and resources—running both tracks concurrently is more efficient than running them separately or in series 
• Managing bandwidth issues—by utilizing incentive units or other forms of compensation for key team members, and by outsourcing critical components of each process to experts 
• Preserving optionality—retaining the ability to cross tracks when the time is right creates additional value 

What goes into a dual-track process? 

Significant analytical and structural work is required to prepare for both tracks simultaneously. Key workstreams include: 

• Financial modeling across exit scenarios 
• Tax structuring to optimize shareholder outcomes 
• Obtaining bids from capital markets for either track 
• Pre-transaction readiness to ensure internal operations, reporting, and governance are prepared for scrutiny 

Consulting with your trusted advisors who are experienced with IPO readiness, capital raises, and M&A transactions early in the process is a great first step.  When feasibility level financial analysis steps are complete, shareholders and management can pursue and push further into the dual-track process. 

Managing the demands of due diligence 

Before initiating a dual-track process, detailed planning will be required to ensure the proper resources are in place—both to keep the company’s core operations running uninterrupted and to provide timely support to due diligence efforts.  

Due diligence for a sell-side transaction involves the company’s internal team providing a significant amount of data and responding to advisor inquiries, including: 

• Internal reporting 
• Contracts 
• Historical information about the company 

An IPO process includes all of this work, plus working with outside counsel to handle the regulatory and compliance requirements of the Securities and Exchange Commission (SEC). 

How BerryDunn can help 

If you are considering either an IPO or a minority/majority sale transaction, BerryDunn professionals can help you assess your options and build a clear path forward. Our services include: 

• Valuations based on a myriad of exit options  
• Private market sale readiness (Quality of Earnings)  
• Management's Discussion and Analysis (MD&A)  
• Governance and control assessments for the Public Company Accounting Oversight Board (PCAOB) and Sarbanes-Oxley (SOX)  
• Compliance consulting with respect to disclosure  
• Dual-track readiness scorecard construction 

Learn more about our services and team. 

Read this if you are a compliance officer, revenue integrity director, clinical documentation improvement specialist, clinical documentation and coding auditor, or telehealth provider at a healthcare facility or medical practice.

The telehealth field is steadily changing as federal policymakers aim to keep patient access open while shaping long-term regulations. The Consolidated Appropriations Act of 2026 (H.R. 7148), signed into law on February 3, 2026, brought the biggest changes by extending major Medicare telehealth benefits for most services until December 31, 2027. Additionally, the US Department of Health and Human Services (HHS) updated its telehealth guidance, confirming these extensions and ensuring that Medicare beneficiaries in all regions continue to have broad access. 

Summary of telehealth extensions 

The new law and updated federal guidance preserve several significant telehealth flexibilities: 

• Home as an originating site: Medicare beneficiaries may continue to receive non-behavioral telehealth services from their residences, without geographic limitations, through 2027. 
• Expansion of eligible providers: Physical therapists, occupational therapists, speech-language pathologists, audiologists, and other qualified clinicians remain authorized to deliver telehealth services under Medicare. 
• FQHCs and RHCs as distant-site providers: Federally Qualified Health Centers (FQHCs) and Rural Health Clinics (RHCs) retain the ability to provide telehealth services, enhancing access for rural and underserved communities. 
• Audio-only telehealth options: Certain services may still be delivered via audio-only communication, supporting patients without reliable broadband or digital devices. 
• Behavioral health flexibilities: The requirement for in-person visits for tele-mental health services is waived until January 1, 2028, allowing continued virtual access to behavioral healthcare. 

Compliance requirements for telehealth providers 

While the extensions offer substantial continuity, providers must stay vigilant in meeting federal compliance expectations: 

1. Maintain documentation standards: Telehealth sessions are required to comply with Medicare's documentation standards. These include verification of patient identity, specification of the modality utilized, documentation of patient consent where applicable, and comprehensive clinical notes. Extensions do not alter or diminish these documentation requirements. 
2. Use approved platforms: Providers are required to utilize HIPAA-compliant technology whenever feasible, despite the expiration of certain enforcement flexibilities implemented during the COVID-19 era. Accordingly, the use of encrypted and secure platforms remains imperative. 
3. Track modality requirements: Since audio-only is allowed for specific services, clinicians need to carefully follow Medicare guidelines and choose the right method for each service. It's important to stay up to date by checking CMS bulletins and HHS telehealth policy updates regularly. 
4. Monitor state-level rules: Although federal extensions cover Medicare, state-specific telehealth laws, licensure agreements, and prescribing rules can vary. Healthcare providers delivering care across multiple states need to make sure they follow all relevant regulations in each jurisdiction. 

BerryDunn can help 

Recent telehealth extensions show that both political parties continue to back virtual care, ensuring its stability until at least the end of 2027. Healthcare providers should take advantage of these new flexibilities while continuing to carefully follow updated federal and state regulations. 

Our healthcare compliance team can help. We incorporate deep, hands-on knowledge with industry best practices to help your organization manage compliance and revenue integrity risks. Learn more about BerryDunn’s healthcare compliance consulting team and services.