FEMA's $300 Million Nonprofit Security Grant Is Open — and Most Eligible Organizations Will Lose It to a Bad Investment Justification, Not a Lack of Risk
June 29, 2026 · 6 min read
Granted Research Team · Editorial policy
There is a federal grant that a synagogue, a mosque, a Black church, an LGBTQ community center, and a refugee-services nonprofit can all use to pay for blast-resistant film on their windows, a hardened front door, surveillance cameras, and contracted security personnel. It is one of the few homeland-security programs written specifically for civil-society organizations rather than governments, and on June 24, 2026, FEMA opened the FY2026 round with $300 million on the table.
The Nonprofit Security Grant Program (NSGP) is, in the federal taxonomy, a "target-hardening" program. It funds physical security enhancements for nonprofit organizations at high risk of a terrorist attack or targeted violence. For FY2026 the $300 million is split evenly: $150 million for the Nonprofit Security Grant Program – Urban Area (NSGP-UA) and $150 million for the Nonprofit Security Grant Program – State (NSGP-S). The urban-area pool serves nonprofits inside FEMA-designated high-risk urban areas; the state pool serves everyone else, so that a rural congregation is not forced to compete head-to-head with one in Manhattan.
This is the deep dive on how the program actually works, why the application process trips up otherwise-deserving organizations, and how to give yourself a real chance in the FY2026 cycle.
The funnel: you do not apply to FEMA
The single most important structural fact about NSGP — and the one that surprises first-time applicants — is that nonprofits do not apply directly to FEMA. The only entities eligible to apply to FEMA are the State Administrative Agencies (SAAs) — typically a state homeland security or emergency management office. Nonprofits are subapplicants to their SAA.
That changes everything about timing and strategy:
- Your real deadline is your state's deadline, not FEMA's. Each SAA sets its own internal due date, which falls before the federal deadline so the state has time to score, rank, and bundle applications. Those state deadlines are frequently weeks earlier than the national one and are easy to miss if you are watching FEMA's calendar instead of your SAA's.
- Your application competes twice. First your SAA scores and prioritizes subapplications within the state; then FEMA reviews the state's prioritized package. A technically eligible application that your SAA ranks near the bottom may never get federal consideration.
- Your SAA is also your guide. SAAs run workshops, publish state-specific instructions, and answer the questions FEMA will not. The organizations that build a relationship with their SAA grants office consistently outperform the ones that treat the process as a faceless federal portal.
The practical takeaway: the first call a prospective applicant should make is to their state's homeland security grants office, today, to find the FY2026 state deadline and application instructions.
Where applications are won and lost: the Investment Justification
Eligibility for NSGP is broad — any 501(c)(3) (and certain other nonprofits) that can demonstrate it is at high risk of terrorist attack or targeted violence can apply. Because eligibility is broad, eligibility is not where the competition happens. The competition happens in two documents: the Vulnerability/Risk Assessment and the Investment Justification (IJ).
The Investment Justification is the heart of the application, and it is where good organizations with genuine risk routinely fail. A weak IJ asserts that the organization is a target. A strong IJ proves it and then ties every requested dollar to a specific, documented vulnerability. The pattern reviewers reward looks like this:
- Identify the threat with evidence. Cite specific incidents — attacks or credible threats against organizations like yours, locally and nationally, with dates and sources. A faith community that documents a pattern of regional incidents against its denomination is making a fundable argument. One that writes "we feel unsafe" is not.
- Map threat to vulnerability. A professional vulnerability assessment (many states require or strongly prefer one) should name the specific weaknesses — unsecured entrances, unmonitored parking, no shatter-resistant glazing, no access control.
- Map vulnerability to the exact purchase. Every line item must trace back to a vulnerability the assessment identified. Reviewers are looking for a clean chain: this documented threat → this specific weakness → this specific funded mitigation. A request for cameras that is not tied to a vulnerability the assessment found is the kind of thing that sinks an otherwise strong application.
What the money can — and cannot — buy
NSGP funds are deliberately scoped to physical security and preparedness. Allowable categories generally include:
- Target-hardening equipment and physical improvements — reinforced doors, blast-resistant window film, fencing, lighting, access-control systems, surveillance cameras, alarm and notification systems.
- Contracted security personnel — within program limits and only as part of a broader security strategy, not as a standalone request.
- Security-related training and exercises — active-threat training for staff and volunteers.
- Planning — developing or updating security and emergency-operations plans.
What NSGP does not do is pay for general operations, staff salaries unrelated to the funded security activity, or organizational programming. This is a hardening program, not a sustainability grant. Applicants who try to bend it toward general support produce IJs that read as misaligned, and misalignment is fatal.
Why this program matters more than its size suggests
Three hundred million dollars is a meaningful number, but the strategic significance of NSGP is larger than the dollar figure. For the civil-society organizations most exposed to targeted violence — synagogues and Jewish community centers, mosques, historically Black churches, LGBTQ centers, immigrant- and refugee-serving nonprofits — NSGP is often the only federal funding stream available for physical security. Foundations rarely fund a new door or a camera system; insurance does not pay to prevent an attack. NSGP fills a gap nothing else does.
It is also one of the comparatively rare homeland-security programs that has enjoyed durable bipartisan support and steady-to-growing appropriations, precisely because its beneficiaries cut across every community. For a nonprofit weighing whether the substantial application effort is worth it, that durability matters: NSGP is a program worth learning to navigate well, because it tends to come back year after year. An organization that builds the institutional muscle to produce a strong vulnerability assessment and IJ this cycle is positioned to reapply — for additional sites, additional hardening, or escalating threats — in cycles to come.
How to approach the FY2026 cycle
For an eligible nonprofit, the path through FY2026 looks like this:
- Find your SAA's deadline immediately. The federal window opened June 24, 2026, but your binding deadline is your state's, and it is earlier. Do not calibrate to FEMA's calendar.
- Commission or update a vulnerability assessment now. This is the document that anchors a credible IJ, and a good one cannot be produced in the final week before a state deadline.
- Build the threat case with evidence. Document the specific, dated incidents and credible threats that establish your organization as high-risk. Generic fear is not fundable; documented pattern is.
- Trace every dollar to a vulnerability. The cleanest applications read as a chain from documented threat to specific weakness to specific funded mitigation. Anything that does not fit that chain weakens the whole.
- Decide UA vs. S correctly. If you are inside a FEMA-designated high-risk urban area, you compete in the $150 million urban-area pool; otherwise you are in the $150 million state pool. Your SAA will tell you which applies — getting this wrong wastes the cycle.
The risk to the communities NSGP serves has not receded, and for many organizations this is the one grant that can do something about it. But the program rewards preparation over urgency: the assessment, the evidence, and the line-by-line justification are what separate the funded applications from the deserving ones that go home empty-handed. The work to win the FY2026 round starts with a single phone call to your state's grants office — and it starts now.
Granted helps nonprofits find and win the funding built for their mission. To track NSGP, FEMA preparedness grants, and the foundation funding that complements federal security dollars, start with Granted's nonprofit funding tools.