Skip to main content
GrantBridgesGrantBridges

Search · Articles · States · Solicitations · Tools

Assess Readiness →
Resources/CCBHC
AnalysisSAMHSA Program OfficersState Behavioral Health Authorities9 min read

The CCBHC Compliance Cliff: What Funders Should Know About the Expansion Wave

Hundreds of new CCBHCs are entering complex multi-framework compliance for the first time. Many lack the infrastructure to manage it. This brief outlines the compliance capacity gap in the CCBHC expansion.

The CCBHC model is expanding faster than compliance capacity.

SAMHSA has issued multiple rounds of CCBHC grants — planning, development, improvement, advancement, and expansion awards — transforming what began as an eight-state demonstration into a national program. States are adopting CCBHC certification through Medicaid state plan amendments. The number of certified community behavioral health clinics has grown from dozens to hundreds, and is projected to continue accelerating.

This expansion is a policy success. The CCBHC model — comprehensive scope of services, Prospective Payment System rates, quality measurement, 24/7 crisis access — addresses real gaps in behavioral healthcare delivery. The clinical model works. Organizations that achieve CCBHC certification serve more people, offer more services, and generate more stable revenue than their non-CCBHC counterparts.

But the expansion has a compliance dimension that merits attention from the funders driving it. Many organizations entering CCBHC certification are community mental health centers that have never managed braided federal-state-Medicaid funding at this complexity level. They are crossing from single-framework compliance (a state behavioral health contract and Medicaid fee-for-service) into multi-framework compliance (SAMHSA grant under 2 CFR 200, Medicaid PPS, state contracts, quality measures, and potentially additional federal awards) — often within a single budget year.

This transition is a compliance cliff. And organizations falling off it face consequences that affect not just their own operations, but the grantees' communities and the program's credibility.

What's Changing for New CCBHCs

Before CCBHC Certification

A typical community mental health center (pre-CCBHC) operates with:

  • One or two state behavioral health contracts
  • Medicaid fee-for-service revenue
  • Possibly a small foundation grant
  • One compliance framework (state contract terms + Medicaid billing)
  • One fiscal year that matters (state, July-June)
  • Simple cost structure: most costs are directly attributable to the single state contract or billed to Medicaid

Financial management for this organization is straightforward. The bookkeeper or CFO manages one or two contracts, processes Medicaid claims, and prepares for a state audit. Compliance is manageable because the compliance surface is small.

After CCBHC Certification

The same organization, post-certification, now manages:

  • SAMHSA CCBHC expansion grant ($300,000-$500,000 under 2 CFR 200)
  • Medicaid PPS reimbursement (replacing fee-for-service, with cost report requirements)
  • State behavioral health contract (continuing, possibly modified)
  • Quality measures reporting (new, starting CY 2025)
  • Potentially additional federal grants (SAMHSA treatment, HRSA integration)
  • Single Audit exposure (federal expenditures now exceed $750,000)

The compliance surface has expanded dramatically:

  • Two or three fiscal calendars (federal, state, calendar) instead of one
  • 2 CFR 200 requirements (SF-425, effort documentation, cost principles) that didn't apply before
  • Medicaid cost report preparation (for PPS rate-setting) replacing simpler FFS billing
  • Quality measures collection and reporting — a new data infrastructure requirement
  • Cost allocation across frameworks — a capability the organization has never needed

The Capacity Gap

Financial Management

Most community mental health centers entering CCBHC certification do not have:

  • A written cost allocation methodology
  • Experience with 2 CFR 200 cost principles
  • A federally negotiated indirect cost rate (they've operated under state contracts with flat overhead allowances)
  • A system for tracking effort across multiple funding streams
  • Experience preparing an SF-425
  • Single Audit experience (most were below the $750,000 threshold)

These are not optional capabilities for CCBHC operations. They are compliance requirements that activate the moment the SAMHSA grant is awarded. The organization must be producing compliant cost allocations, filing accurate SF-425s, and documenting staff effort within the first quarter of the award — typically three to six months after learning they received the grant.

Data Infrastructure

CCBHC quality measures require clinical data — depression screening rates, follow-up after hospitalization, substance use treatment retention, and others — collected from the EHR, validated, and reported. Starting CY 2025, all CCBHCs must report quality measures, whether funded by a SAMHSA grant or certified through a state pathway.

Many community mental health centers entering CCBHC certification have EHR systems that were configured for basic clinical documentation and Medicaid billing — not for quality measure extraction. The data infrastructure needed to reliably collect, validate, and report CCBHC quality measures may require EHR reconfiguration, staff training, and new workflows.

Compliance Staffing

The organizations entering CCBHC certification are typically in the $3-8 million budget range with 40-100 staff. Their finance teams are small — a CFO and one or two support staff. There is usually no dedicated compliance position. The CFO manages compliance as part of a broader role that includes all financial operations.

The CCBHC transition increases the CFO's compliance burden by an estimated 200-400 hours per year (based on the additional reporting, cost allocation, effort documentation, and audit preparation requirements). For a CFO already working at capacity, this increase is not absorbable without either additional staff (which the organization may not be able to fund) or compliance infrastructure (which the organization may not know it needs).

What Happens When Organizations Hit the Cliff

Scenario 1: Delayed or Inaccurate SF-425s

The organization has never filed an SF-425. The CFO researches the form, but isn't sure how to map the organization's chart of accounts to the SF-425 budget categories. The first quarterly report is filed late. The second contains a cost allocation error that the program officer flags. By the third quarter, the organization is under enhanced monitoring — consuming more program officer time and creating stress for the organization.

Scenario 2: PPS Rate Based on Inaccurate Cost Data

The Medicaid PPS rate is calculated from the CCBHC's costs of providing CCBHC services. Without a reliable cost allocation methodology, the cost data submitted for rate-setting is inaccurate. If costs are understated, the PPS rate is too low — and the organization is systematically underpaid for every Medicaid visit for the rate period. If overstated, the organization faces recoupment during reconciliation.

Scenario 3: Single Audit Findings in Year One

The SAMHSA grant pushes the organization above the $750,000 Single Audit threshold for the first time. The organization's audit firm has experience with state contracts but limited experience with 2 CFR 200 compliance. The audit produces findings on cost allocation and effort documentation — areas where the organization had no prior compliance infrastructure. The findings don't reflect negligence; they reflect an organization that entered a compliance environment it wasn't prepared for.

Scenario 4: Quality Measures Reporting Failure

The organization's EHR isn't configured to extract CCBHC quality measures. The data team (often one person) spends months trying to build reports manually. The first quality measures submission is incomplete or contains data quality issues that SAMHSA flags. The organization invests significant clinical and administrative time in remediation — time diverted from patient care.

What Funders Can Do

SAMHSA

Extend the compliance ramp-up period. New CCBHCs need time to build compliance infrastructure. Consider a six-month grace period for full SF-425 compliance, during which the organization receives technical assistance on federal financial reporting rather than being placed under enhanced monitoring for first-time reporting issues.

Fund compliance infrastructure explicitly. CCBHC expansion grants should explicitly include compliance systems — cost allocation software, financial reporting tools, quality measures data infrastructure — as allowable and encouraged costs. Many grantees don't budget for these because they don't yet understand they'll need them.

Provide multi-framework technical assistance. SAMHSA's technical assistance for CCBHCs focuses on clinical model implementation and quality measures. Expand TA to include financial compliance — specifically, multi-framework cost allocation, 2 CFR 200 reporting, and Single Audit preparation. The organizations entering CCBHC certification for the first time need this operational TA as much as they need clinical TA.

Connect new CCBHCs with experienced ones. Organizations that have successfully managed the CCBHC compliance transition have institutional knowledge that's invaluable to new entrants. Peer learning networks — structured as compliance-focused cohorts, not just clinical practice communities — would transfer this knowledge efficiently.

State Behavioral Health Authorities

Coordinate with SAMHSA on reporting. When a state-certified CCBHC also receives a SAMHSA expansion grant, the organization must report to both the state and SAMHSA — often on the same activities. State agencies that align their reporting expectations with SAMHSA's requirements (or accept SAMHSA-formatted reports) reduce the redundant reporting burden during the most vulnerable period of the CCBHC transition.

Review indirect cost caps. State behavioral health contracts typically cap indirect costs at 10-15%. For organizations entering CCBHC certification — which requires more administrative infrastructure than pre-CCBHC operations — these caps may be insufficient. A cap increase for CCBHC-certified organizations, even to 18-20%, would fund meaningful compliance capacity.

Foundations

Fund the transition. A capacity-building grant of $15,000-$30,000 — explicitly for compliance infrastructure during the CCBHC transition — would have outsized impact. The grant funds compliance software, consulting for methodology setup, and training for finance staff. The return: every funder in the organization's portfolio receives better data and fewer compliance issues.

The Systemic Risk

The CCBHC compliance cliff is not just an organizational problem. It's a program risk.

If a significant number of new CCBHCs experience compliance failures in their first two years — audit findings, questioned costs, PPS rate errors, quality measures reporting gaps — the consequences extend beyond those organizations:

  • Program credibility suffers. Compliance problems at CCBHC-certified organizations undermine the case for further expansion. Policymakers evaluating the CCBHC model will see audit findings and questioned costs as evidence that the model isn't working — when the actual problem is that the compliance infrastructure wasn't in place.

  • Program officers are overloaded. Enhanced monitoring, corrective action plans, and technical assistance for struggling grantees consume federal program officer time that could be spent supporting successful implementations.

  • Communities lose access. If a CCBHC's grant is reduced or not renewed due to compliance issues — not clinical performance issues — the community served by that center loses access to services. The compliance failure didn't mean the programs weren't working. It meant the back office couldn't keep up with the front office.

The CCBHC model is too important to let compliance infrastructure be an afterthought. The organizations entering this model are entering it because they want to provide comprehensive behavioral healthcare to their communities. The compliance cliff doesn't need to exist — but it will continue to exist unless the funders driving the expansion invest in the operational infrastructure that makes compliance sustainable.

This brief is part of GrantBridges's braided funding compliance series. See also: The CCBHC Braided Funding Guide and Braided Funding Is an Operations Problem.