Controls over operating processes are essential for all organizations, including nonprofits. This can sometimes be extremely challenging for smaller nonprofits due to a limited number of employees and constrained operating budgets. Individuals in these organizations tend to take on many duties that are typically segregated in larger entities. Nonprofits also often lack the financial resources to implement control systems, leaving them vulnerable to financial and other risks. By implementing proper internal controls, your organization can help mitigate damaging mistakes and infractions.
Purpose of Internal Controls
Internal controls are policies and procedures used to prevent fraud and to safeguard the assets of an organization. Not only can internal controls mitigate unintentional errors and fraud, but they can also help improve the efficiency of day-to-day operations. Strong controls will help organizationsprevent, detect, and correct financial misstatements. It’s important to consistently review these internal controls every year to make sure they stay relevant and are being applied consistently. Policies and procedures should foster a culture of financial responsibility and promote agency-wide transparency.
Clearly Define Roles
Staff in each position should have clearly defined responsibilities, and an organization chart should be created no matter how small the organization. Every employee should know what they are accountable for completing on a day-to-day basis to ensure no steps are missed. When steps in a process are skipped over, this can often lead to errors or financial misstatements. For example, an invalid invoice could be paid if the assigned person didn’t verify the invoice because the individual thought someone else was going to check the invoice details. Management needs to set a consistent tone. When the management team is consistent with following the policies and procedures in performing their duties, it will trickle down and have a positive impact throughout the organization.
An organization’s employees can be a great resource for identifying and deterring fraud, which is why it’s important for them to be trained properly. Employees need to understand what is considered fraud so that they’re able to identify any suspicious activity. They should feel comfortable going to the Board of Directors or upper management when they presume there’s fraud. While an outside audit may be required, it is not an internal control measure. In their 2020 occupational fraud and abuse study, the Association of Certified Fraud Examiners (ACFE) analyzed 191 cases of internal fraud within nonprofit organizations. According to the ACFE’s 2020 Report to the Nations, the median loss for nonprofits due to internal fraud was $75,000, and the average loss was $639,000. Of these cases, 40% were discovered through a tip or complaint, and 30% were discovered through internal audits or management review. This shows that a zero-tolerance policy for fraud needs to be communicated to employees.
Bank Account Transparency
Small nonprofits will often have one bookkeeper who is in charge of most of the accounting. As a result of this, it’s important to make sure that someone other than the bookkeeper receives the bank statements and reconciles them. This person should open the statement and review it for anything that looks odd or usual. They can also receive online access to the bank statements in read-only mode. It’s important to review all of the checks that have cleared and make sure they appear within the normal course of business. With a second person viewing the bank statements and completing a monthly reconciliation, the likelihood of fraud will decrease.
No matter the size of your organization, there are ways to protect the organization’s resources and its employees from errors and malfeasance through internal controls. The professionals at Albin, Randall & Bennett are nonprofit industry leaders. ARB’s Nonprofit Services Group is here to help organizations like yours with accounting and operational matters through every stage of financial growth.
My team performs internal control and operational systems reviews, provides risk management advisory services, and even helps with accounting software selection and implementation. Contact me today to discuss your nonprofit’s internal control strategy.
by Jason LeBlanc, CPA
Jason LeBlanc joined ARB in 1997 and has been a principal for the firm since 2016. Throughout his career in public accounting, Jason’s focus has been on M&A advisory services and providing accounting, compliance, and consulting services to clients in the nonprofit and automotive sectors. He is the Practice Leader for both ARB’s M&A Advisory Group and Nonprofit Advisory Services Group.