Everything You Need to Know About E-Rate Audits and How to Prepare for Them

E-rate audits are USAC or FCC-related reviews that test whether E-Rate funding was requested, approved, invoiced, and documented according to program rules. The most important review experiences for E-Rate entities are PQA, Selective Review/SRIR, and BCAP, with COMAD or RIDF used when funds must be adjusted or recovered.

For most E-Rate entities, the word "audit" creates instant anxiety. That is understandable. E-Rate touches procurement, technology, finance, student eligibility data, library eligibility records, board policy, vendor contracts, invoices, asset inventory, and federal compliance.

For school districts, libraries, consortia, and service providers, the challenge is not just staying compliant. It is being able to prove the full story years later: what was requested, how it was bid, why a vendor was selected, what was approved, what was delivered, what was invoiced, and what was paid.

At ErateSync, we built Audit Vault for exactly this problem. It proactively organizes the evidence you need across PQA, Selective Review/SRIR, BCAP, invoice reviews, and recovery scenarios so your team is not rebuilding the file from scratch when USAC asks. The workflow is designed to cut down response time, reduce back-and-forth, and keep every FRN audit-ready before the notice ever arrives.

Why E-Rate Audits Feel So Confusing

People use the word "audit" for almost every USAC review, but the review type matters.

A PQA review is not the same experience as a Selective Review. A BCAP audit is broader than a PQA review. A COMAD is not an audit at all; it is a commitment adjustment and recovery process that may happen after USAC identifies a problem.

In practice, the reviews E-Rate entities most often talk about day to day are PQA and Selective Review/SRIR. PQA is usually tied to whether a payment or disbursement was accurate and supported. Selective Review, through the SRIR, focuses heavily on whether the applicant followed competitive bidding rules before filing the Form 471.

BCAP is the full audit track. It can look across the entire lifecycle: eligibility, bidding, contracts, discounts, CIPA, invoicing, payment, delivery, inventory, and internal controls.

Why an E-Rate Entity Might Be Selected

USAC does not publish a simple checklist that says, "If you do X, you will be audited." Selection can come from different program integrity channels.

An E-Rate entity may encounter review because of:

• A statistically selected PQA sample
• A Selective Review during Form 471 application review
• A BCAP audit selected through USAC/FCC audit planning
• An invoice review or post-commitment review
• An appeal, whistleblower issue, data inconsistency, or other compliance review
• A prior finding or corrective action that receives follow-up attention

The safest assumption is that any E-Rate funding request may need to be defended later. USAC's PQA page states that any Universal Service Fund payment may be subject to improper payment testing.

That means audit readiness cannot start when the notice arrives. It has to be built into the filing, procurement, invoicing, and documentation process.

The Main E-Rate Review Types

References: USAC PQA Program · USAC Selective Review · USAC BCAP

PQA: The Payment Quality Assurance Review

PQA is one of the review types districts and libraries are most likely to experience as an invoice/payment documentation request.

USAC describes PQA as a program designed to estimate improper payments under federal payment integrity requirements. For E-Rate, that means USAC may select a payment and test whether it was made in accordance with FCC rules.

A PQA review can feel narrow at first because it often references a specific payment, FRN, invoice, customer billed date, service provider, and disbursement amount. But the document request can still reach backward into the full compliance chain.

USAC's E-Rate PQA testing areas include:

• Applicant eligibility
• Competitive bidding process
• Contract or legally binding agreement
• NSLP discount calculations
• Invoicing submission and reimbursements
• CIPA compliance
• Delivery and/or installation of physical inventory
• Customer bills supporting E-Rate-funded equipment or services
• Non-traditional education
• Lowest Corresponding Price
• Authorized representative for consortia
• Payment for the non-discounted portion

The key point: PQA is not only "send the invoice." It is "prove the payment was proper."

What PQA May Ask For

USAC's E-Rate PQA document list says selected beneficiaries may be required to provide requested documents within 10 business days. A sample PQA documentation list also shows requests such as:

• Confirmation of receipt
• Signed beneficiary confirmation letter
• Eligibility documentation for non-public entities
• Service provider bills tied to the disbursement under review
• Notes or annotations showing the FRN, relevant products/services, eligible vs. ineligible charges, and service receipt date
• Reconciliation when the invoiced amount spans multiple bills or months
• SPI credit or reimbursement support
• BEAR deposit support, such as a bank statement showing USAC payment
• List of entities receiving the services
• Bid evaluation worksheets or one-bid/no-bid explanation
• Signed and dated contract or legally binding agreement
• Proof of payment and proof the payment cleared
• CIPA filtering evidence
• Category Two asset inventory with make, model, serial number, location, install date, FRN, and bill reference
• Cabling floor plans or as-built drawings when applicable

That is why PQA should be treated like a mini-audit file, not a simple email response.

Selective Review and the SRIR

Selective Review is part of the Form 471 Program Integrity Assurance review process. The SRIR, or Selective Review Information Request, is the request USAC uses to collect information.

Selective Review verifies whether the applicant followed competitive bidding rules and ran a fair and open process. It takes place at the billed entity level, which means USAC may review all Form 471 applications filed by the billed entity for the current funding year.

USAC says the SRIR response is due within 15 calendar days from the SRIR inquiry in EPC. A first extension request is automatically granted and gives an additional 7 days. Because the timeline is short, the best time to prepare for an SRIR is when the Form 470 is posted and when bids are evaluated.

What the SRIR Really Tests

The SRIR is not just asking, "Did you pick the lowest price?"

It is asking whether the district or library can prove:

• The Form 470 and RFP described the services correctly
• The RFP and addenda were available for the required competitive bidding period
• All bidders had access to the same information
• The applicant retained all bids, including losing bids
• The bid matrix was created using disclosed or supportable criteria
• Price of eligible products and services was the primary factor
• The selected vendor was the most cost-effective option
• The contract was signed and dated after the allowable vendor selection/contract date
• The contract, Form 471, FRN, RFP, vendor quote, and invoice all describe the same service
• Any consultant had a signed agreement or LOA
• State master contract use was properly documented
• Vendor correspondence did not show unfair influence, unequal information, or post-deadline changes that changed the competition

The strongest SRIR responses tell a clean procurement story. They do not just upload a bid matrix; they explain the logic behind the selection.

Common SRIR Trouble Spots

From real review work, the problems often live in small inconsistencies:

• The RFP says one thing, but the contract order form says another.
• A vendor quote uses language like "dark fiber installation" when the application describes lit fiber or internet access.
• A bid matrix gives the same score to materially different prices without explaining why.
• A partial bid is scored against complete project bids without documenting compatibility or completeness.
• A district selects a higher-bandwidth option but does not explain why it was cost-effective.
• Contract dates, signature dates, award dates, and Form 471 dates do not line up.
• The applicant cannot produce losing bids, Q&A, addenda, or vendor correspondence.
• A service provider, rather than the applicant or authorized representative, appears to have driven applicant-side decisions.

A strong SRIR file should include the Form 470, RFP, addenda, Q&A, all bids, correspondence, evaluation criteria, signed scoring matrix, award documentation, contract/order forms, LOA or consulting agreement, and a short narrative explaining why the selected bid won.

BCAP: The Full E-Rate Audit

BCAP stands for Beneficiary and Contributor Audit Program. For E-Rate applicants, this is the broad audit experience.

USAC says BCAP audits assess compliance with FCC rules. They may be performed by USAC internal auditors, outside audit firms contracted by USAC, FCC OIG, FCC Enforcement Bureau, FCC-contracted auditors, or other federal agencies.

BCAP audits generally have three phases:

• Planning
• Testing
• Reporting

In planning, the applicant receives an announcement letter identifying the purpose, scope, personnel, initial documentation request, due date, and submission instructions. An entrance conference may follow.

In testing, auditors review the evidence. This can include multiple rounds of follow-up questions.

In reporting, the audit results are finalized. If noncompliance is identified, the auditor may recommend recovery of funds. If potential waste, fraud, or abuse is identified, the matter can be referred to FCC OIG or FCC Enforcement Bureau.

What BCAP Usually Feels Like

BCAP is less like one document request and more like a case-management project.

An E-Rate entity should expect workstreams for:

• CIPA
• Competitive bidding
• Discount calculations
• Invoicing and proof of payment
• Inventory and asset verification
• Service delivery and installation
• Accounts payable/internal controls
• Contracts and legally binding agreements
• Entity eligibility and recipient of service
• Non-discounted share payment

Local audit experience shows BCAP can take many months and sometimes more than a year. USAC Audit Committee briefing books from 2024-2026 show E-Rate BCAP audits regularly sitting in fieldwork and reporting, with some audits aging over 12 or 18 months. That is important for E-Rate entities: a BCAP audit is not something to "finish Friday." It needs ownership, version control, and a response strategy.

BCAP Evidence Auditors May Request

A serious BCAP file should be organized by FRN and by audit topic.

For competitive bidding:

• Form 470
• RFP and all attachments
• Addenda and Q&A
• Bidder communications
• All bids, winning and losing
• Bid evaluation criteria and weights
• Signed scoring matrix
• Award documentation
• Board approval if applicable
• Contract, MSA, order forms, amendments, and renewals
• State/local procurement support

For discount support:

• NSLP or alternative discount mechanism records
• Entity enrollment data
• Eligible entity list
• Urban/rural support
• Consortium member support if applicable
• Documents showing how the Form 471 discount was calculated

For CIPA:

• Internet safety policy or AUP
• Public notice
• Public meeting or board minutes
• Filtering product documentation
• Evidence the filter was purchased, installed, or in use
• Board adoption materials

For invoicing:

• FCDL
• Customer bills
• SPI credits or BEAR reimbursements
• Proof of payment to service provider
• Proof payment cleared
• Bank records for BEAR deposits
• Reconciliation from provider bills to E-Rate invoices
• Credits, refunds, or adjustments
• Documentation that only approved eligible services were invoiced

For Category Two equipment:

• Purchase order
• Packing slips or delivery proof
• Installation records
• Asset inventory
• Make, model, serial number
• Physical location, including room or MDF/IDF
• Date installed
• FRN and invoice reference
• Photos, network diagrams, floor plans, or as-builts where useful
• Service substitution approval if equipment changed
• Transfer records if equipment moved

For accounts payable:

• Who receives vendor bills
• Who reviews and approves invoices
• How the district or library confirms services/equipment were received
• PO process
• Check/ACH process
• Written AP policies and procedures
• Segregation of duties or approval workflow
• How billing accuracy is verified before payment

That last category matters more than many E-Rate entities expect. Auditors often want to understand the process, not just see a stack of invoices.

The Findings That Cause the Most Pain

USAC's common E-Rate audit findings are basically a map of where E-Rate entities should focus.

Competitive Bidding Errors

Competitive bidding findings are dangerous because they can affect the entire FRN. If the procurement was not fair and open, if price was not the primary factor, if the contract was signed too early, or if documentation is missing, the funding request can be denied, reduced, or recovered.

An E-Rate entity should be able to answer:

• What was requested?
• Who had access to the request?
• When was it posted?
• What bids came in?
• How were they scored?
• Why did the winning bid win?
• Who made the decision?
• When was the contract signed?
• Did the final contract match the requested and approved service?

The bid matrix should not be a decorative spreadsheet. It should be defensible.

Invoicing Errors

Invoicing findings happen when the billed amount does not reconcile to the approved funding and actual eligible services.

Common problems include:

• Billing ineligible services or equipment
• Billing ineligible locations
• Billing more than the FCDL-approved amount
• Invoicing to the cap instead of actual delivered services
• Invoicing services not approved on the FCDL
• Recurring services outside the funding year
• Missing invoice deadline support
• Failure to remove ineligible entities or costs

The best protection is a reconciliation worksheet that ties customer bills to the BEAR or SPI submission line by line.

Missing Proof of Payment

E-Rate does not just require that the applicant receive the eligible service. The applicant also has to pay its non-discounted share and be able to prove payment.

USAC's common findings include failure to pay or document the non-discounted portion. PQA requests may ask for both proof of payment and proof the payment cleared, such as check images, bank statements, or credit card statements.

CIPA Gaps

CIPA findings often come from missing documentation, not necessarily from an applicant having no filter.

An E-Rate entity should retain the Internet safety policy or AUP, public notice, meeting minutes, adoption records, and filtering documentation. For PQA, board minutes alone may not be enough if they do not prove the filtering technology and compliance details requested. See our CIPA overview for the foundational requirements.

Missing or Incomplete Asset Inventory

For Category Two, the audit question is not only "Did you buy it?" It is "Where is it, when was it installed, and is it the equipment that E-Rate funded?"

A strong C2 inventory includes make, model, serial number, physical location, install date, FRN, and bill reference. For cabling, keep floor plans or as-built drawings showing drops and MDF/IDF locations.

Ineligible Entities or Locations

Recipient of service errors and ineligible location findings happen when services or equipment benefit entities that were not eligible, not listed correctly, or not properly cost allocated.

This can show up in many ways: a non-instructional facility, a pre-K program, adult education, Head Start, juvenile justice, a library branch, or a site that receives service but was not listed on the Form 471. Review our E-Rate eligibility guide for who qualifies.

Lowest Corresponding Price

Lowest Corresponding Price is primarily a service provider obligation, but it can still show up in audit activity. USAC's audit compliance training notes that service providers may need to complete LCP certification in a PQA assessment.

Applicants should understand LCP because pricing anomalies can create questions, especially where a service appears materially higher than similarly situated nonresidential customers.

COMAD and RIDF: How Recovery Fits

COMAD should be included in any serious E-Rate audit guide because it is often what applicants fear most: paying money back.

But COMAD is not its own audit type. It is the process USAC uses when it determines funds were committed and/or disbursed in error.

USAC explains that when funds were committed or disbursed in error, FCC rules require USAC to rescind commitments and recover improperly disbursed funding. USAC calls this the Commitment Adjustment process, or COMAD.

RIDF is different. RIDF applies when funds were disbursed in error but the original funding commitment was correct. For example, if an invoice included ineligible products along with approved products, USAC may recover the improperly disbursed amount without necessarily changing the original commitment.

COMAD vs. RIDF

A Commitment Adjustment Letter includes the impacted FRNs, application number, BEN, SPIN, adjustment report, and reason for the COMAD. If disbursed funds exceed the adjusted commitment, USAC seeks recovery from the responsible party.

This is why audit readiness and appeal readiness are connected. The best time to defend against COMAD is before there is a COMAD: preserve the procurement record, reconcile invoices, document service delivery, and keep the compliance story intact.

Learn more about how ErateSync helps applicants build appeal-ready evidence from the start.

The E-Rate Document Retention Rule

USAC's document retention rule is one of the most important parts of audit readiness.

The rule is often summarized as "keep E-Rate records for 10 years," but that shorthand can be misleading. The clock does not always start when you file the Form 471 or when the funding year begins.

E-Rate participants must keep compliance records for 10 years after the later of:

• The last day of the applicable funding year, or
• The service delivery deadline for the funding request

That "later of" language matters. If an FRN comes from Funding Year 2010 but the last date to receive service, service delivery deadline, or final service activity tied to that funding request extends to 2016, many applicants would interpret the retention period as running 10 years from 2016, not 2010. In that example, the practical retention target would be 2026.

The safer audit-readiness rule is this: do not purge records based only on the funding year. Keep the full FRN file until at least 10 years after the latest relevant service delivery date or deadline tied to that funding request. For multi-year contracts, delayed Category Two installations, service substitutions, invoice deadline extensions, appeals, or COMAD/RIDF activity, the conservative move is to preserve the file longer.

This applies to applicants, service providers, and consortia. USAC also makes clear that using a consultant does not remove the school, library, consortium, or service provider's responsibility for compliance.

A practical document retention system should include:

• Pre-bidding documents
• Consultant agreements and LOAs
• FCC Form 470 and RFP support
• Addenda, Q&A, and all bidder correspondence
• All bids, both winning and losing
• Evaluation criteria, weights, and scoring sheets
• Award notices and board approvals
• Contracts, MSAs, order forms, amendments, and renewals
• FCC Form 471 support
• NSLP or discount calculation records
• Budget/resource certification support
• FCDLs
• FCC Form 486 and CIPA certifications
• Customer bills
• BEAR/SPI records
• Proof of payment and proof payment cleared
• Bank records for reimbursements
• Delivery and installation records
• C2 asset inventory
• Equipment transfer records
• CIPA policy, public notice, meeting minutes, and filtering evidence
• Service substitutions and SPIN changes
• Appeals, waivers, COMAD/RIDF letters, and correspondence

How to Prepare for an E-Rate Audit

The best audit preparation is boring in the best way: consistent, organized, and repeatable.

1. Build the File by FRN

Every FRN should have a complete story:

• What was requested
• Why it was eligible
• How it was bid
• Who bid
• Why the winner won
• What was contracted
• What was approved
• What was delivered
• What was invoiced
• What was paid
• Where the equipment or service went

If a reviewer opens your file and has to guess how documents connect, you are already making the review harder.

2. Keep a Competitive Bidding Narrative

For every procurement, write a short internal memo explaining the selection. Include the bidders, evaluation criteria, scoring method, price factor, award date, and why the selected solution was most cost-effective.

This is especially important when:

• The lowest raw price did not win
• Bids were incomplete or partial
• Multiple bandwidth options were evaluated
• State master contracts were used
• Equivalent products were proposed
• Compatibility mattered
• A vendor revised pricing
• The applicant received only one bid or no bids

3. Reconcile Every Invoice

Do not wait for PQA to build the reconciliation.

For each BEAR or SPI invoice, be able to trace:

• FCDL approved service
• Service provider bill
• Eligible charges
• Ineligible charges removed
• Discount amount
• Non-discount share
• Payment proof
• BEAR deposit or SPI credit
• Any credits or refunds

A clean reconciliation can turn a stressful PQA review into a manageable documentation exercise.

4. Treat Category Two Like Fixed Assets

For C2, asset inventory is not optional. Keep the inventory current when equipment arrives, when it is installed, when it moves, and when it is replaced.

At minimum, track:

• Make
• Model
• Serial number
• FRN
• Invoice number
• PO
• Install date
• Physical location
• Room, closet, MDF, or IDF
• Service substitution if applicable
• Disposal or transfer record if applicable

5. Preserve CIPA Evidence Every Year

CIPA should not live in someone's memory. Keep the actual evidence.

That means policy, public notice, board agenda/minutes, adoption evidence, and filtering documentation. If your filter changes, keep support for the new tool.

6. Document Internal Controls

For BCAP, E-Rate entities should expect questions about process.

Write down:

• Who receives invoices
• Who approves invoices
• Who confirms delivery
• Who checks E-Rate eligibility
• Who submits BEARs or reviews SPI credits
• Who maintains inventory
• Who stores documents
• Who responds to USAC

When staff changes, this documentation becomes the bridge between the year under audit and the people answering questions today.

7. Respond Like a Reviewer Will Trace Everything

Label every file with the FRN, question number, and document description. If something is already in EPC, say where. If something is missing, explain why and provide the closest available support.

Good responses are not just complete. They are easy to review.

Final Takeaway

E-Rate audits are not one thing. PQA tests payment accuracy and support. Selective Review/SRIR tests competitive bidding during application review. BCAP audits the full compliance lifecycle. COMAD and RIDF are the recovery mechanisms that can follow when USAC determines funding was committed or disbursed incorrectly.

The E-Rate entities that handle audits well do not rely on memory. They build an audit-ready operating system around every FRN: bidding, contracts, discounts, CIPA, invoices, payments, delivery, inventory, and appeals.

That is exactly where ErateSync fits. With Audit Vault, ErateSync proactively prepares your team across the different types of E-Rate audits and reviews before USAC asks. It helps organize the right evidence, reduce response time, cut down the back-and-forth, and keep every FRN ready for PQA, Selective Review/SRIR, BCAP, invoice review, or recovery support.