Common Nonprofit Internal Controls – Part 1
Part I: Common Nonprofit Internal Controls
The key in any organization to detecting and deterring fraudulent activity is to develop effective internal controls within the Control Environment. Internal controls are a set of integrated activities layered into an organization’s operating processes designed to safeguard assets, minimize errors, and to ensure operations are being carried out in an approved manner. Management is responsible for establishing and maintaining internal controls. An organization’s Board of Directors is responsible for ensuring internal controls have been implemented and are being enforced.
Review Financial Results Regularly
Compare line items in your budget to actual results on a monthly or quarterly basis; it’s critical to perform a variance analysis to ensure all transactions are legitimate.
Example: Is the organization’s rent expense showing $50K per month when you expect it to be $40K? Regular reviews reveal such discrepancies, so be diligent about performing them. Additionally, always provide evidence showing that these reviews are supported by management.
Segregate Duties
No single individual should handle a given transaction process. Implement a system of checks and balances to ensure funds are always deposited and disbursed appropriately.
Example: Your accountant/controller would write the check, and the owner of the company would sign it. Designate one person to count the money and another person to make the deposit. It’s also a good idea to always require two signatures on checks.
Require Documentation
The more vigilant you are in creating documentation around your organization’s desired processes, the better your chances of them being followed.
Formalize internal policies for new employees.
New employees should have access to written policies and procedures. Accounting personnel should be provided the written procedures on how to pay vendors. Additionally, employees should know exactly where to go for help or questions with those policies.
Provide documentation to support ALL financial transactions
Enforce the rule that all checks, statements, quotes, invoices, and other transaction-related materials are supported through adequate documentation. Every expense report should be backed by receipts AND approved by management before employee reimbursement.
Conduct Independent Reviews
All significant processes or documented transactions should require an additional level of review and approval performed by someone independent of the process. Select a reviewer within the organization who has the experience and knowledge to identify errors, and be sure that the review is documented to verify that it’s been done. Regularity matters here, too—managerial reviews should be performed at least on a weekly or monthly basis. To streamline this step, most companies will find ways to aggregate the process.
Example: Have your bookkeeper provide a list of checks written or ACH transactions weekly to the Executive Director for review or require a team member with no purchasing responsibility to review a list of new vendors from the accounting system monthly.
Maintain Open and Honest Communication
The importance of this step cannot be overstated: it’s critical to foster an environment where employees are encouraged to voice their concerns or report any red flags. Make sure your staff members are properly trained, familiar with your policies and procedures, and know who to talk to or where to go for help if anything looks or feels suspicious.
Questions about which internal controls you need to implement and how to do it in your organization?
Brady Ware Nonprofit Advisors want to help you fulfill your mission with financial health and compliance services and a network of nonprofit consultants who specialize in strategic decision-making.