Nonprofits face a lot of challenges in the course of carrying out their organizations objectives. These include the challenge of attracting enough funders and grants to keep their programs viable, and having access to the physical and strategic resources that help them get work done.
However, while most nonprofits have their sights set on external challenges and threats, it can be very easy to ignore the threats that come from within. Every day, we hear reports about organizations that are put into grave financial and legal trouble because of impropriety carried out by staff. Often, these events go unnoticed and cause damage because there are no insufficient internal controls within the organization.
Nonprofits are unlike other organizations in many ways. But like other organizations, it is almost impossible for nonprofits to survive or thrive, when they are constantly at risk of damage from a lack of internal controls.
How is your nonprofit approaching the subject of internal controls? Do you have sufficient controls to protect against damage coming from internal sources? In this article, we take a look at what internal controls mean for nonprofits, why they are so important and how to set them up right.
What are internal controls?
Internal controls are sound organizational practices that protect against fraud, embezzlement and costly mistakes. They are essentially checks and balances that are written into an organization’s processes to maintain a high standard of work and hedge against unwanted occurrences.
Internal controls may be focused primarily on protecting finances and ensuring their proper use within an organization. They may have an outward-facing part, regulating the relationship between the organization and its vendors, in order to reduce the risk that it will be cheated or defrauded. Or they may be more broad-based, providing for general conduct in order to preserve the organization’s corporate image, identity and goals.
For whatever reason internal controls are implemented, the basic premise of the controls is the same – to ensure that avoidable problems do not occur. According to Insource Services Inc., internal controls have three main attributes at their core.
● They protect assets by ensuring they are being handled properly;
● Divide responsibilities amongst several people; and
● Provide financial transparency
As would be obvious already, internal controls are a measure implemented within an organization, by the organization itself. The protection of your nonprofit’s finances and its image is entirely your responsibility.
Why are internal controls important for your organization?
Nonprofits increasingly have to face a widening variety of challenges. Internally-created problems should not be one of them. Implementing solid controls ensures organizations can face their operations and objectives without being unduly exposed to internal damage.
The risks and consequences of fraud, embezzlement and misappropriation are not only financially significant, they can expose the organization itself to severe damage. According to a 2012 report on Occupational Fraud and Abuse, the median fraud-related loss suffered by nonprofits is $100,000 per occurrence. This is a significant amount of financial damage.
In addition, when fraud occurs, it not only depletes the organization’s financial resources, it also reduces its credit within its donor community. Funders want to know they are donating to responsible entities that take proper care to safeguard their money and spend it according to budget. This is why many grant letters require that nonprofits implement proper controls before funding is released.
If funders cannot trust your organization to keep the grant money it wins, you will soon find yourself out of funding sources. Proper internal controls introduce predictability into your process and leaves funders feeling confident that their donation will be well-used.
Implementing proper controls has a well-documented effect across the organization. According to a 2010 study of nonprofits, after increasing uptake in internal control measures, there was a four-year decrease in the incidence and severity of fraud in the nonprofit sector.
When you’re not worrying over which of your staff will steal you blind, your nonprofit is in a much better position to grow and continue to impact your community positively.
What types of internal controls can you implement?
It is said that fraud is often caused due to need, justification and opportunity. While internal controls can do nothing about a would-be fraudster’s need or justification, these controls can limit the opportunity to commit fraud or other misconduct. Some of the types of controls you can explore implementing in your organization include:
● Segregation of duties: Assign different people to separate aspects of the same task. This ensures that no one has complete control over the whole process and reduces the possibility of impropriety. For instance, if one individual is in charge of conducting transactions, another can be in charge of authorizing them.
● Bank Reconciliations: Without proper oversight, you may quickly begin to experience a divergence between your bank balances and internal books. To ensure that everything remains above board, have a person other than your internal bookkeeper or treasure reconcile the unopened bank statement with the nonprofit’s books.
● Physical Controls: An example of physical controls is maintaining a safe where cash and other valuable can be kept. Another is securing computers and other equipment and properly tagging them to discourage someone walking in and just taking them away.
● Policies & Procedures: Have written policies and procedures that minimize the opportunities for fraud. For example, you may have policies that require two signatures on every check, or for checks above a certain amount.
Note that these controls will not stop fraud on their own or forestall the possibility of misconduct. They must be applied properly and in such a way that everyone understands nothing else will be acceptable.
How to set up functional controls
To ensure that your internal controls are not just a set of ideals that no one really implements, it is important to communicate the right message while they are being formulated. Consider these tips as you create your controls:
● Lead from the front: It is critical for leaders in your organization to be personally invested in making these controls work. Apart being at the forefront of education about the importance of these ethical controls, they should also be first to comply with them.
● Include top-level staff: When formulating the controls, you should get top-level staff and managers involved. They will be in charge of ensuring that their teams implement these controls, so you want to be certain they understand and are in support of the controls.
● Make your controls written: Written controls are more permanent, clear and communicate the message that nothing less suffices. Formalizing these controls helps communicate their importance and helps ensure continuity.
● Use automated controls: Where possible, use software to automate these controls, such as the recording of purchases, withdrawals and other financial information.
Introduce transparency to your nonprofit with PreciseGrants
PreciseGrants provides a handy set of tools for nonprofits interested in introducing and maintaining functional controls in their organization. Visit our website to get started with your free compliance check and learn about our consulting services.