No one likes to think about internal controls, but an important component of nonprofit financial management is developing and implementing a strong set of such controls to mitigate risk and prevent fraud.
Make internal control processes easier with Beck & Company’s client accounting services. Contact Beck and Company online or by phone at (703) 834-0776 to learn how quickly you can improve your internal controls.
Nonprofit theft is shockingly common, according to the Boston Globe. Over 1,100 charities reported theft, embezzlement, or another major diversion of assets, according to an IRS report cited in the Globe article. At one nonprofit serving the homeless, the COO brazenly added funds to his own paycheck. These and other examples of nonprofit fraud and theft are unfortunately common.
Why so many problems in the nonprofit world? After all, one would think that people dedicated to serving a particular mission or vision would be scrupulously honest. Every dollar embezzled by the COO previously cited could have been spent to feed, clothe and house homeless families. So why the embezzlement?
People can be tempted to steal no matter where they work. And, unfortunately, nonprofits can be more trusting than other organizations.
The answer for good nonprofit financial management lies in having strong internal controls. Internal controls are the measures you take to ensure rigorous honestly in all your financial dealings. With good internal controls in place, you’ll have a series of checks and balances to protect financial assets.
The 10 Things Nonprofits Should Know About Internal Controls
1. Why are internal controls necessary? Internal controls are more than rules and regulations. They are guidelines for how funds are handled throughout your organization. By establishing a set of clear, unambiguous internal controls, nonprofit financial management is easier for all.
2. Assess your current internal controls and update as necessary. There’s no one-size-fits-all set of internal controls you can put in place that will answer all of your organization’s needs. Instead, assess your current internal controls and note any gaps. Compare them to the three COSO objectives (below) and see how yours measure up. Adjust as necessary.
3. Review internal controls against the three COSO objectives. There are actually five COSO objectives, but three stand out and apply directly to our discussion of internal controls. These include:
1. Risk assessment, especially risk identification and challenges.
2. Control activities, including policies and procedures as well as outsourcing risks, backups and more.
3. Monitoring, which includes both ongoing and periodic monitoring and assessment of internal controls.
4. Evaluate organization level controls. Organization or entity-level controls refer to the most basic level of controls in place to safeguard financial assets. Many organizations have internal controls in place, but are they being followed? An example of an internal control at the organizational level may be a blanket policy that all expense reimbursement requests must be accompanied by an original receipt. This may seem like a simple control, but it can prevent a great deal of fraud across the organization if the policy is carried out.
5. Determine information technology controls. Another area of potential fraud is through information technology resources. The IT department collects and maintains a great deal of valuable data at a typical nonprofit. Donor and member credit card information, for example, can be used to perpetuate fraud. Controls over who can access data are important to safeguard it.
6. Build controls around segregation of duties. It’s unhealthy to have all of the access to financial information in the hands of one or two people. Make sure your internal controls include segregation of duties. For example, the person who reconciles the bank statement isn’t the same person who deposits the money.
7. Put in place fraud prevention controls – and follow them. Fraud prevention controls include things like internal audits, a good component of any nonprofit financial management plan. Other fraud prevention controls include simple things like having someone double-count the cash, ensuring that the bank statements are reconciled promptly and similar actions. But perhaps more important than even having fraud prevention controls is actually following them. Don’t just pay lip service to fraud prevention, but make sure that fraud prevention controls are documented in writing, the staff is taught how to adhere to them, and there’s follow up and accountability to ensure compliance.
8. Document all policies and procedures. It’s easy to talk about fraud prevention and internal controls and then forget about them when you get busy. It’s harder to forget about them when you have everything documented in writing. Write down the policies and ensures the entire team, not just accounting and finance, attends training sessions to understand and follow them.
9. Recognize common procedural gaps. Be sure to look across all areas of your organization so that best practices cover both people at the top and those at the entry-level positions. It’s obvious that controls need to be in place within the finance and accounting department, but often companies forget that other workers have access to sensitive information or financial documents. Annual reviews of existing processes, external audits, and working with a nonprofit accounting audit services can help you recognize and close any gaps in your processes.
10. Address gaps immediately. There are always going to be gaps in any policy – that’s human nature. But don’t let those gaps in your policies remain open. Instead, update policies to ensure gaps are closed as soon as possible.
Need more details on implementing Internal Controls for your nonprofit? Download our whitepaper, “A Nonprofit’s Guide to Internal Controls.”
Nonprofit financial management includes strong internal controls that prevent theft, fraud, and embezzlement. With these best practices and diligent training on procedures, you’ll be in a much better position to safeguard your organization against problems.
Beck & Company
At Beck & Company, we work with many nonprofits to help them improve their internal controls. We have extensive experience and a tradition of creative thinking, technical expertise, and a collaborative spirit that can help your nonprofit achieve its goals. Whether you want to increase donor confidence and support through transparent accounting practices or find a partner for your annual audit, we can help. Contact us today or call 703-834-0776.