When reporting CSLFRF expenditures, how should municipalities approach small projects that do not meet the $10 million threshold?

The U.S. Department of the Treasury’s (“Treasury”) Portal for Recipient Reporting: State and Local Fiscal Recovery Funds^[1] does not distinguish between small or large Coronavirus State and Local Fiscal Recovery Funds (“CSLFRF”) projects. Rather, after project and subaward information is entered into the system, recipients report expenditures under two categories: “Expenditures Greater than $50,000” and “Expenditures Less than $50,000.”[2]

The $10 million threshold is specific to projects with capital expenditures or infrastructure projects greater than $10 million. If projects do not meet these criteria, recipients are not required to respond to those specific programmatic compliance questions as outlined in Treasury’s Compliance and Reporting Guidance.[3] However, project data are still required to be entered into the portal for the project and other programmatic requirements may exist depending on the expenditure category of the project.

In general, recipients of CSLFRF Funds must report quarterly on the use of the funds.[4] For small projects that do not exceed ten million dollars in cost, recipients can likely use a simplified reporting method. Regardless of whether the simplified reporting method is used, the municipality must still report the following information for each small project:

• The name of the project;
• Project identification number;
• Project expenditure category;
• A brief description of the project;
• The total cost of the project; and
• The project’s status.[5]

In addition, the municipality must also report any sub-recipient or contractor information for each small project that was used to expend the funds.[6]

What is the process for selecting which SLCGP projects and recipients (e.g., local governments and rural areas) will receive funds?

The Infrastructure Investment and Jobs Act (“IIJA”) established the SLCGP (“State and Local Cybersecurity Grant Program”) to award funds to eligible entities to mitigate cybersecurity risks.[1] The SLCGP determines “eligible entities” as “states or territories.”[2] State and territory State Administrative Agencies (“SAA”) for these entities are the only eligible applicants.[3] Local and tribal governments are eligible subapplicants under the SLCGP pursuant to the underlying regulations.[4]

SAAs are responsible for managing the grant application and award. They are required to establish a Cybersecurity Planning Committee and develop a Cybersecurity Plan that addresses priorities for the entire jurisdiction.[5] The SAA, working with the Cybersecurity Planning Committee, must ensure at least 80 percent of the funds awarded under the SLCGP are passed through to local entities. Additionally, at least 25 percent of the funds must be passed through to rural communities. These amounts may overlap.

Local governments, including federally recognized tribes, are eligible to receive funds as subapplicants from their SAA. Generally, Cybersecurity Planning Committees work collaboratively with local, rural, and tribal governments across the state or territory to identify projects that align with the state or territory’s Cybersecurity Plan. The state must determine where and how to distribute subawards, with the permission of applicable local governments if passing through items or services in lieu of funding.[6] The Federal Emergency Management Agency (“FEMA”) provides additional details on each State’s SAA on their State Administrative Agency Contacts page.[7]

While each SAA establishes program priorities specific to their jurisdiction, the following overarching SLCGP objectives and Fiscal Year 2022 priorities apply:

SLCGP Objectives

• Implement cyber governance and planning;
• Assess and evaluate systems and capabilities;
• Mitigate prioritized issues; and
• Build a cybersecurity workforce.[8]

SLCGP Fiscal Year 2022 Priorities

• Establish a Cybersecurity Planning Committee;
• Develop a state-wide Cybersecurity Plan, unless the recipient already has a state-wide Cybersecurity Plan and uses the funds to implement or revise a state-wide Cybersecurity Plan;
• Conduct assessment and evaluations as the basis for individual projects throughout the life of the program; and
• Adopt key cybersecurity best practices.[9]

Last Updated: March 3, 2023

What funding opportunities and resources other than the State and Local Cybersecurity Grant Program (SLCGP) can be used towards Cybersecurity projects?

There are several sources of cybersecurity funding (i.e., local, state or tribal, regional, federal, and private sector funding sources) available for cybersecurity projects. Entities seeking funding opportunities for cybersecurity projects should become familiar with funding sources available in their jurisdictions, including at the state, tribal, regional, or local levels. In addition, entities should consider the following federal funding sources outside of the State and Local Cybersecurity Grant Program (“SLCGP”), including those authorized by the Infrastructure Investment and Jobs Act (“IIJA”).

The IIJA includes funding for new and existing cybersecurity programs that focus on strengthening cyber systems and defense against future attacks, some of which provide opportunities to state, local, tribal, and territorial entities, including but not limited to:

• U.S. Department of Homeland Security Cybersecurity Programs
  • Rural and Municipal Utility Advanced Cybersecurity Grant Program ($250 million)
  • Cyber Response and Recovery Fund ($100 million)
  • Department of Homeland Security (DHS) Science and Technology Directorate ($157.5 million)
  • CISA Risk Management Operations ($35 million)
  • Office of National Cyber Director ($21 million)
• U.S. Department of Energy Programs
  • Cybersecurity for the Energy Sector Research, Development, and Demonstration Program ($250 million)
  • Rural and Municipal Utility Advances Cybersecurity Grant and Technical Assistance Program ($250 million)
  • Energy Sector Operational Support for Cyber Resilience Program ($50 million)

The IIJA also includes several programs across various federal agencies which, while not cybersecurity-specific, allow for investment in cybersecurity measures as an eligible use to support program objectives, including but not limited to:

• U.S. Department of Commerce Programs
  • Broadband Equity, Access, and Deployment Program ($42.5 billion)
• U.S. Department of Transportation Programs
  • Port Infrastructure Development Program ($2.25 billion)
• U.S. Department of Energy Programs
  • State Energy Program ($500 million)
• U.S. Environmental Protection Agency Programs
  • Clean Water and Drinking Water State Revolving Funds ($11.7 billion)
  • Drinking Water State Revolving Fund ($11.7 billion)
• Department of Homeland Security Programs
  • State Homeland Security Grant Program ($415 million)
  • Urban Areas Security Initiative ($615 million)
• United States Department of Agriculture Programs
  • Cyber-Physical Systems Grant ($7 million)

In addition to the agencies and programs listed above, interested organizations may wish to contact the Cybersecurity and Infrastructure Security Agency (“CISA”) which offers a range of cybersecurity assessments at no cost to the requestor.[1] CISA assessments are provided upon request on a voluntary basis and can help any organization with managing risk and strengthen its cybersecurity. Once risks are identified after taking an assessment, interested parties should carefully review the eligibility parameters and policy guidelines for the programs listed to determine which sources of funding are appropriate to pursue.

Should a municipality consider conducting risk assessments as part of its audit strategy?

A municipality should consider conducting risk assessments as part of its audit strategy. Risk assessments can be used to evaluate the condition of a program and comply with federal program requirements. Risk assessments are required when a municipality is a recipient of federal funds and when it is acting as a pass-through entity.[1]  Risk assessments are likely not required when the municipality is a subrecipient of award funds.[2]

If a municipality is eligible for federal funding as a subrecipient, it should work with the pass-through entity to receive subawards. 2 CFR § 200.1 defines the term “pass-through entity” to include “a non-federal entity that provides a subaward to a subrecipient to carry out part of a [f]ederal program.”[3]

Municipalities and pass-through entities are encouraged to connect with each other and collaborate regarding compliance with program requirements.[4]

Conducting Risk Assessments

It is a good practice for municipalities receiving federal funding as subrecipients to conduct risk assessments so they are aware of their own risk for federal noncompliance ahead of the mandatory risk assessments awarding entities will conduct. Subrecipients that conduct such self-risk assessments may help facilitate a more comprehensive risk assessment by the awarding entity.

However, it is a federal requirement to perform a risk assessment when the municipality is going to pass the funds to a subrecipient. 2 CFR § 200.332 (b) requires all pass-through entities (the awarding entities) to conduct a risk assessment evaluating a subrecipient’s risk of noncompliance with federal statutes before the entity may award federal funds to a subrecipient. 2 CFR § 200.322 (b) outlines factors pass-through entities may consider in evaluating level of risk for non-compliance:[5]

• The subrecipient’s prior experience with the same or similar subawards
• The results of previous audits including whether the subrecipient receives a Single Audit in accordance with 2 CFR §200.501 (b), and the extent to which the same or similar subaward has been audited as a major program
• Whether the subrecipient has new personnel, or new or substantially changed systems
• The extent and results of [f]ederal awarding agency monitoring (e.g., if the subrecipient also receives [f]ederal awards directly from a federal awarding agency).[6]

Monitoring and Auditing Programs Following Risk Assessments

A risk assessment breaks down each aspect of a program to identify high-risk areas for operational fraud. These operational fraud risk areas should be monitored and audited to ensure compliance with program requirements.[7] Once a risk assessment is completed, the project oversight team, including auditors, will be able to monitor and audit key areas of focus, including but not limited to:

• Planning for the use of federal funds and compliance with federal regulations; 
• Financial, acquisition, and grant management policies and procedures;
• Organizational leadership, capacity, and expertise;
• Existing internal controls and any identified weaknesses;
• Findings and recommendations from prior state or federal audit;
• Program governance, administration, and oversight;
• Subrecipient internal control weakness;
• Barriers to tracking and reporting on the use and results of federal funding;
• State and federal procurement requirements;
• Potential conflicts of interest and ethics compliance;
• Health and safety;
• Information security and data protection; and
• Due diligence. 

What are the specific best practices that local governments should adopt within their Cybersecurity Plans for SLCGP?

When developing or updating Cybersecurity Plans for the State and Local Cybersecurity Grant Program (“SLCGP”),[1] local governments should review the plan requirements in the Notice of Funding Opportunity (“NOFO”)[2] and ensure they understand the required elements of these plans as listed in Appendix C.[3] Beyond these federal-level resources, local governments should consider the following non-exhaustive good practices for Cybersecurity Plan development.  Cybersecurity plans should: 

• Take a holistic approach to cybersecurity, integrating a diverse set of project types and focus areas, including planning, training, exercises, assessments, organization, equipment, and policy/legislation. The Plan should serve as an overarching framework that directs strategy for grant implementation.
• Identify specific goals and objectives to guide the cybersecurity program and reduce cybersecurity risks. Plans should also be aligned with the SLCGP’s objectives of Governance and Planning, Assessment and Evaluation, Mitigation, and Workforce Development.
• Include considerations for how the results of assessments and evaluations will be used to further strengthen cybersecurity and cyber resilience within the local government. In addition to accounting for the conduct of these assessments, local governments should identify next steps for addressing any identified gaps.
• Address the entire local government, including any constituent jurisdictions, departments, and agencies. This scope should be clearly stated as part of the Plan.
• Consider local governments’ existing plans, policies, pre-identified gaps, and pre-identified projects, all of which will help local governments develop their cybersecurity infrastructure.
• Include engagement with the local government’s Chief Information Office, Chief Information Security Officer, or equivalent. This individual should be thoroughly read into the planning process, including opportunities to provide feedback at interim phases of development, as they have plan approval responsibilities.
• Include information about the local government’s Cybersecurity Planning Committee, including the organizations that make up the Committee, how it is structured, and its role in cybersecurity planning and response. If not already established, this Committee should be included in the planning process.

Last Updated: March 3, 2023

What are short-term and long-term ways to minimize the likelihood of ransomware attacks?

As the frequency and impact of ransomware attacks increase over time, organizations should consider short- and long-term solutions to reduce the risk of ransomware attacks. In addition to complying with local, state, or tribal, and federal reporting requirements and statutes related to cyber incidents, organizations should consider the following non-exhaustive good practices for minimizing the impact of ransomware events.

Short-Term:

• Engage with information sharing organizations like the Multi-State Information Sharing and Analysis Center to support awareness around emerging trends and threat types.
• Engage with local information sharing organizations, such as regional Fusion Centers.[1]
• Regularly check for Cybersecurity & Infrastructure Security Agency (“CISA”) alerts and follow available CISA guidance, such as the Ransomware Guide.[2]
• Create an inventory of cyber assets that identifies relevant security procedures and risks.
• Regularly update and maintain software security procedures.
• Implement email security procedures to limit phishing and spoofing attempts, and pair them with staff training on basic cyber hygiene and good practices.
• Consider the impacts of ransomware events on third-party vendors and work with these entities to identify backups and formalize security procedures.
• Implement multi-factor authentication on applicable platforms.

Long-Term:

• Develop a cyber incident response plan to direct coordination during a ransomware incident or consider developing a ransomware annex to your cyber incident response plan identifying specific considerations for ransomware events.
• Using assessments and evaluations, identify training needs for all staff and technical staff to help mitigate the human-caused errors that lead to ransomware attacks.
• Conduct vulnerability assessments and penetration testing to identify potential access points and necessary hardening measures.
• Using assessments and evaluations, identify software gaps and create stronger defenses against common types of ransomwares.
• Align your organization with the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework and use the Ransomware Risk Management Profile[3] to gain an understanding of your organization’s readiness and capability gaps as it relates to ransomware events.

What are common pitfalls in grant writing and planning? How can a municipality avoid those pitfalls and make grant applications more competitive?

Enhancing the competitive advantage of a grant application begins in the preparation and planning process. Below are some common pitfalls of the grant planning process and suggested solutions to develop a strong grant application, but municipalities should carefully consider their own needs and approaches to obtaining grants.

Lack of Investment in Opportunity Identification and Tracking

Problem: The lack of investment in opportunity identification and tracking can limit the amount of funding that can be applied for and awarded throughout the year. This can also affect the likelihood of finding a grant suitable for your organization.

Solution: Regularly tracking grant opportunities can increase the potential for funding. Consider allocating internal resources to search for grants across various sources, including agency websites and public interest groups. To help identify grant opportunities and meaningful program outcomes from grant applications, municipalities should examine the awarding agency’s Notice of Funding Opportunity (“NOFO”) or contact the funding agency for project guidance and direction regarding acceptable and anticipated outcomes. It is also important to recognize which funding opportunities fit your organization’s mission and needs to maximize the potential of award.

Lack of Measurable Goals Within an Application

Problem: Setting goals that are immeasurable or unsupported by data can limit the application’s credibility.

Solution: Explain that the plan and goals outlined in the application are achievable, sustainable, and impactful. Use data points and graphics where appropriate to support your organization’s capacity. This will demonstrate a previous record of success and may designate your organization or municipality as lower risk.

Since many grant applications include a scoring rubric or scoring considerations to help applicants develop program outcome measures, municipalities should use the rubric to determine how likely a proposed project or program is to be funded. Self-scoring also allows applicants to reflect and make adjustments to programs, outcomes, or other project-related components.

Further, municipalities may refer to the funders’ websites to access specific award requirements and archives of past awards, applications, and project abstracts. Municipalities can also connect with past award recipients for advice and to better understand program outcome measures and lessons learned.

Lastly, municipalities should carefully review the funders’ compliance and reporting requirements to ensure all of the necessary criteria are met. In addition, municipalities may benefit from conducting research on comparable grant-funded programs and reviewing the applicable outcomes and other data measurement tools related to those programs. 

Using Complicated Grant Writing Language

Problem: Using complex language and industry jargon in the application can detract from the application.

Solution: Present information concisely for a successful application. When writing a grant application, it is helpful to write in the present tense and mirror the funder’s language where possible (i.e., when describing the project or the project’s budget). This can indicate your organization’s alignment with the funder’s priorities.

Lack of Attention to Detail

Problem: Not applying attention to detail in drafting an application can cause an applicant to miss deadlines and neglect critical application requirements.

Solution: Closely read the NOFO to identify key deadlines and requirements, including preferred method of delivery. Proofread all components of the application for grammar and spelling. In addition, confirm that the budget figures provided are correctly reflected wherever they appear in the application. To ensure the application is received on time, applicants should submit a few days before the deadline to allow time to resolve any technical difficulties.

Failing to Reflect on the Process

Problem: Failing to evaluate your organization’s strengths and weaknesses following the grant planning and writing process can result in a lack of future improvement.

Solution: Carefully and honestly evaluate internal capacity to develop and deliver complete, competitive, and timely applications. Throughout the process, if your organization notices that gaps exist in the process, seek assistance in addressing these gaps so that you are better prepared for future application cycles.  

Last Updated: January 31, 2023

How can municipalities identify grant opportunities at the local level?

To identify grant opportunities at the local level, municipalities should consider taking the following steps, among others:

1. Assess and compile a list of community needs.
2. Develop a system to aggregate and process information from multiple sources.
3. Identify the relevant grant opportunities that fit the municipalities’ needs.

Assess and Compile a List of Community Needs

A first step a municipality seeking access to grant programs at the local level should consider is to analyze community needs and compare them to available grant programs. A list of community needs can be compiled by reviewing various sources, including budgets, planning documents, stakeholder engagement activities, and notes from discussions with internal staff. Capital Improvement Plans (“CIP”), Comprehensive Land Use Plans, Hazard Mitigation Plans (“HMGP”) and Transportation Plans often form the core information included on the community needs list.

Municipalities can then compare the list to available funding opportunities. Funding matches can then be prioritized for potential action considering factors such as application requirements (prerequisite studies or plans), program evaluation and scoring criteria (how likely a potential project is to be funded), availability of required nonfederal match, and capacity to complete the application (to be determined by evaluating internal and external resources).

Develop a System to Aggregate and Process Information from Multiple Sources

Finding grant opportunities to match identified needs may begin with developing a system to aggregate and process information from multiple sources. This is important as information relevant to certain grant opportunities can be in multiple places. As an example, there is no single source that provides all necessary information on the hundreds of programs contained within the Infrastructure Investment and Jobs Act (“IIJA”).

Identify Relevant Grant Opportunities that Match the Municipalities’ Needs

There are numerous funding streams available to municipalities looking to identify grant opportunities at the local level, each with its own requirements, prerequisites, deadlines, and award processes. Below are several sources of information municipalities can use to guide their search.

The White House build.gov website provides useful survey-level information in the form of the Bipartisan Infrastructure Law Guidebook and an accompanying workbook provide general program overviews but do not address specific application requirements or deadlines.[1]  Detailed information for programs can be found on the Grants.gov portal or through the Grants.gov mobile app. More extensive information on grant programs is generally only uploaded once a Notice of Funding Opportunity (“NOFO”) has been released. Individual agency websites are usually the most timely and comprehensive sources of information on IIJA programs, including NOFOs, Frequently Asked Questions (“FAQs”), fact sheets, and webinars.

Professional and advocacy organizations can provide municipalities and general audiences with information about funding opportunities. For example, one resource, the Local Infrastructure Hub, is a partnership between the United States Conference of Mayors, the National League of Cities, Results for America, and Bloomberg Philanthropies, which may assist municipalities in their research on infrastructure funding opportunities.[2] 

Single agency websites can make finding information about other types of funding streams more straightforward. For example, if a municipality is interested in a Hazard Mitigation Grant, searching the Federal Emergency Management Agency’s (“FEMA”) Hazard Mitigation Grant Assistance page for FEMA HMA Grants would provide the best possible information on the grant opportunity.[3] Similarly, if a municipality is interested in Transportation grants, monitoring the U.S. Department of Transportation Funding Opportunities website[4] or the U.S. Department of Transportation’s Bipartisan Infrastructure Law Grant Programs website[5] would provide additional information on potential grant opportunities.

Last Updated: February 27, 2023

Do employees hired as part of a specific CSLFRF program, such as staff for a mental health diversion center fully funded with CSLFRF, count against the “cap” for restoring or enhancing public sector staffing?

The U.S. Department of the Treasury’s (“Treasury”) Coronavirus State and Local Fiscal Recovery Funds (“CSLFRF”) Final Rule sets forth four distinct categories of eligible uses of program funding:

• Responding to public health and negative economic impacts;
• Providing premium pay to essential workers;
• Providing governmental services to the extent of revenue loss due to the pandemic; and
• Making necessary investments in water, sewer, and broadband.[1]

Moreover, the Final Rule affords recipients broad discretion to design programs that are responsive to specific public health and negative economic impacts of the pandemic.[2] These programs may be structured in various ways, provided they comply with program specific regulations and any applicable requirements outlined in the Uniform Guidance (2 CFR Part 200, et seq.).[3] 

In responding to negative economic impacts related to the pandemic, the Final Rule allows recipients “to restore and bolster public sector capacity.”[4] When defining eligible uses that bolster public sector capacity, the Final Rule includes both the payroll and covered benefits for public safety, public health, health care, human services, and similar employees for the portion of their time responding to COVID-19 and the payroll and covered benefits to restore and support public sector employment, which may include hiring back employees for pre-pandemic positions or hiring up to a pre-pandemic baseline adjusted for historic underinvestment.[5]

In the case of a mental health diversion center, the Final Rule’s definition of public health staff includes employees providing “mental health services to patients and supervisory personnel, including medical staff assigned to schools, prisons, and other such institutions.”[6] Municipalities should assess the portion of the staff’s time dedicated to responding “to the public health or negative economic impacts of the pandemic, apart from the typical pre-pandemic job duties.”[7]

Whether or not the staff hired as part of a specific CSLFRF program count towards the “cap” for restoring public sector employment may depend on which option the municipality selects. Under the first option, a municipality may hire employees for the same positions that existed on January 27, 2020, but that were unfilled or eliminated as a of March 3, 2021.[8] The Final Rule does not explicitly allow recipients to exclude staff dedicated to responding to COVID-19 public health emergency under this option.

Under the second option, a municipality may pay for the payroll and covered benefits associated with increasing its full-time equivalent employees to 7.5% above its budgeted FTE level on January 27, 2020.[9] When calculating its “actual number of FTEs,” a municipality may exclude FTEs dedicated to responding to the COVID-19 public health emergency.[10] The Final Rule provides the following illustrative example:

A hypothetical recipient with 1000 budgeted FTEs on January 27, 2020 (950 filled FTE positions and 50 unfilled FTE positions). The recipient’s pre-pandemic baseline is 1000 FTEs; its adjusted pre-pandemic baseline is 1000 * 1.075 = 1075 FTEs. Now, assume that on March 3, 2021, the recipient had 800 budgeted FTEs in total (795 filled FTE positions and 5 unfilled FTE positions), with 50 FTEs primarily dedicated to responding to the COVID-19 public health emergency. The recipient would have the option of using either 800 FTEs or 750 FTEs as its actual number of FTEs for the calculation; assuming it chooses the lower number, it would be able to fund up to 325 FTEs with [C]SLFRF funds (that is, 1075 – 750 = 325 FTEs). Specifically, the recipient would be able to use [C]SLFRF to fund payroll and covered benefits for up to 325 FTEs that begin their employment on or after March 3, 2021, for costs obligated by December 31, 2024, and expended by December 31, 2026, consistent with the Uniform Guidance’s Cost Principles, as long as [C]SLFRF funds are used for additional FTEs hired over the recipient’s 750 FTE level (which is its March 3, 2021 budgeted FTE level).[11]

In conclusion, if a municipality chooses the second option to restore pre-pandemic employment, then staff hired after March 3, 2021, that are primarily dedicated to COVID-19 response, may be excluded from the calculation when determining the number of full-time equivalent employees that can be funded with CSFRF. Municipalities should carefully consider the underlying regulations. 

Last Updated: February 28, 2023

Under PROTECT and the Coastal Zone Management programs, are both tsunami and hurricane flooding/evacuation eligible?

The Infrastructure Investment and Jobs Act (“IIJA”) defines the term “emergency event” as a natural disaster or catastrophic failure resulting in either an emergency declared by the Governor of the state or by the President of the United States.[1] As such, a tsunami or hurricane with the potential to cause harm to life, property, public health, and safety are likely considered eligible events for funding under the Promoting Resilient Operations for Transformative, Efficient, and Cost-Saving Transportation (“PROTECT”) program, though municipalities should carefully analyze the underlying regulations.[2]

The term “evacuation route” refers to a transportation route or system that is owned, operated, or maintained by a federal, state, tribal, or local government and which is either used to transport the public away from emergency events or to transport emergency responders and recovery resources. An evacuation route must also serve the designated purposes of reducing the magnitude and duration of impacts from current and future weather events and natural disasters or having the absorptive capacity, adaptive capacity, and recoverability to decrease vulnerability to current and future weather events or natural disasters.[3] 

Under the PROTECT program, the type of emergency event is not limited; therefore, both tsunami and hurricane evacuation routes are likely eligible. In addition, several evacuation activities are explicitly identified as being eligible for funding. These include:

• improvements to the efficiency of evacuations and disaster relief;[4]
• evacuation planning and preparation;[5]
• improving the ability of the evacuation route to provide safe passage during an evacuation;[6]
• reducing the risk of damage to evacuation routes as a result of future emergency events, including:
  • restoring or replacing existing evacuation routes that are in poor condition;
  • restoring or replacing existing evacuation routes that are not designed to meet the anticipated demand during an emergency event;
  • taking steps to protect routes from mud, rock, or other debris slides; and,
  • expanding the capacity of evacuation routes to swiftly and safely accommodate evacuations in the event that existing evacuation routes are not equipped to adequately facilitate evacuations.[7]

The National Oceanic and Atmospheric Administration (“NOAA”) Coastal Zone Management program, however, is limited to ecosystem conservation pursuant to section 12502 of the Omnibus Public Land Management Act of 2009.[8] Evacuation routes are not an eligible project type of the NOAA Coastal Zone Management program. This grant program focuses on:

• Protecting natural resources;
• Managing development in high hazard areas;
• Giving development priority to coastal-dependent uses;
• Providing public access for recreation;
• Prioritizing water-dependent uses; and,
• Coordinating state and federal actions.[9]

Last Updated: July 13, 2023

Can a municipality award SLFRF funds to a nonprofit to support the municipality’s elections administration expenses such as staffing costs, technology expenses, public awareness campaigns, etc.?

A municipality can likely award Coronavirus State and Local Fiscal Recovery Funds (“SLFRF”)  to a nonprofit to support the municipality’s election administration. The American Rescue Plan Act (“ARP”) established Coronavirus State and Local Fiscal Recovery Funds (“SLFRF”) to broadly support local communities, which likely extends to support local election administration.

First, municipalities may likely use SLFRF for election administration costs under two of the four “eligible use” categories: (1) Revenue Replacement and (2) Public Health and Negative Economic Impacts, as set forth in more detail below.

Second, municipalities can likely use SLFRF to fund nonprofits who assist in election administration. Under section 602(c)(3) of the Social Security Act, nonprofits and private organizations are allowed to be subrecipients of these funds to carry out “an eligible activity on behalf of the SLFRF recipient (transferor), as long as they comply with the SLFRF Award Terms and Conditions and other applicable requirements.”[1]  Municipalities should carefully consider the underlying regulations and related guidance. 

Revenue Replacement Eligible Use Category

The Revenue Replacement eligible use category allows municipalities to fund government services up to the amount of revenue loss due to the pandemic. Government services include “any services traditionally provided by a government.”[2] While not explicitly stated in the Final Rule, if the services are traditionally provided by the municipality, elections administration costs may be considered an eligible use of revenue replacement funding. Under this category, recipients “may use funds up to the amount of revenue loss for government services.”[3] Revenue loss is calculated as either a part of the standard allowance of up to $10 million, or through a full revenue loss calculation.[4] Revenue replacement is the most flexible eligible use category.

Public Health and Negative Economic Impacts Eligible Use Category

The Public Health and Negative Economic Impacts eligible use category is specifically intended to increase public sector capacity.[5] There are three main public sector categories under the Public Health and Economic Impacts eligible use category:

• Public Safety, Public Health, and Human Services Staff;
• Government Employment and Rehiring Public Sector Staff; and
• Effective Service Delivery.[6]

Election administration would likely be eligible under the Effective Service Delivery subcategory. However, because election administration is not an enumerated use under any of these categories, municipalities should consult the “Framework for Eligible Uses Beyond Those Enumerated”[7] to determine whether the specific project could be funded under the Other Economic Support expenditure category.[8]

Using this framework, recipients should identify the COVID-19 public health or economic impact and design a response that addresses or responds to the identified impact.[9] It is a good practice for recipients to maintain detailed documentation supporting any eligibility assessments undertaken for non-enumerated uses.

Use of Nonprofits to Assist in Election Administration

A nonprofit is likely eligible to receive SLFRF as a subrecipient to assist in election administration. Nonprofits acting as subrecipients must carry out “an eligible activity” on behalf of the municipality (SLFRF recipient) and must “comply with the SLFRF Award Terms and Conditions and other applicable requirements.”[10]

Last Updated: February 23, 2023

How can municipalities balance the need to build community capacity with the need to move quickly on grant deadlines?

Grants typically have deadlines to hold municipalities accountable for utilizing the funds awarded to them. For expansive projects, such as those designed to mitigate long-term issues like capital infrastructure resiliency, tight deadlines can have consequences for implementing municipal projects. Below are suggested good practices that can help municipalities balance building community capacity while moving quickly on grant deadlines.

A tight period of performance may intimidate municipalities to not use funds at all rather than tackle the nuances of using the funds appropriately. Municipalities should seek to develop a sound plan to use those funds responsibly, and municipalities should consider proactively identifying needs before grants are made available.

The following good practices are focus areas that can improve a project's implementation timeline when faced with a tight performance period.

Proactively assess needs and try to get a head start

Projects designed to build community capacity require time and effort to determine areas of insufficient capacity and develop a plan to appropriately address these areas of opportunity. Under a tight performance period, municipalities should immediately focus on starting these awareness-building tasks while simultaneously beginning next steps.

Increase capacity to get the job done

For projects with a tight period of performance, resources are essential. In addition to the funds allotted in a grant award, a municipality will need personnel and capital. While a grant may allow for the acquisition of such assets, the materialization of these assets takes additional time.

For tight timelines, municipalities must equip themselves with the resources to fully implement the project as soon as possible, preferably in its early stages. This will allow municipalities to limit delays in the project's implementation phase.

Make an informed decision to outsource administration responsibilities

Where possible, municipalities can consider outsourcing as much as possible to free up time and resources. This allows the project designers to focus on other important areas, such as expanding the project to use more grant funds or addressing challenges that arise from administering the project.

For municipalities pursuing this strategy, making an informed decision on who is contracted to carry out these responsibilities is critical. Quickly contracting with an organization with poor performance outcomes can cost more time and money in the long run. Again, municipalities must make these decisions in the early stages of the project. 

Focus on efficiency and resiliency

If the goal of the grant award is to promote community resiliency, municipalities should make this the focus of their efforts rather focusing on spending the full grant award. Though a project may use fewer funds this way, it satisfies the objective more than a larger project. For example, a large project poorly managed could have less resiliency than a smaller project with more intentional scope and focus.

Municipalities must assess their capacity after factoring in the above recommendations, such as outsourcing administrative responsibilities and increasing staff and resources available for the project.

Conclusion

Municipalities should maximize grant awards to provide the most benefit to their constituents. When faced with a short period of performance or tight grant deadlines, municipalities must create a project that reflects their own capacity, even as they try to expand that capacity and build resiliency within the community. This may not always match the funding level allocated toward such projects, but instead focuses on the impact of spent dollars.

Taking the appropriate time to plan, increasing the capacity to complete the project, outsourcing responsibilities where appropriate, and focusing on efficiency and resiliency are strategies to maximize the time available to complete a project. Municipalities should focus above all else on their primary goal— building community capacity.

Last Updated: February 15, 2023