Home

Quick Links

Legal & Sitemap

navigation
Home > Trends & Insights > Internal Controls: Make Your List and Check It Twice

Article

 

Monday, June 24, 2013

Internal Controls: Make Your List and Check It Twice


Nonprofits that don’t exercise constant vigilance in adhering to internal controls open the door for fraud. Unfortunately, weak economic conditions have only increased the likelihood of occupational theft, making risk control measures more important than ever. You can keep such measures top of mind by regularly reviewing and updating your organization’s internal controls and concentrating your energies on the biggest risks.

Narrowing Your Focus
A detailed internal controls list potentially contains hundreds of items related to everything from governance to financial statements to payroll to information technology. If your nonprofit has never drafted such a list, talk to your financial advisors about doing so. Most nonprofits, however, engage in far fewer risky activities and should, therefore, focus on a smaller group of controls. For example, a startup that’s putting donations to work as quickly as they come through the door probably doesn’t need to worry about investment and property management policies—at least not yet. But such a nonprofit would benefit from implementing rules regarding cash receipts and disbursements. These include segregating duties (so that, for example, the same staffer who accepts donations doesn’t also record or deposit them), requiring dual signatures on checks and performing monthly bank reconciliations.

Foxes Watching the Henhouse
Even the best internal controls can’t protect your nonprofit from fraud if managers override them. Although auditors review internal controls, audits aren’t designed to catch management overrides. So it’s a good idea to ask a fraud expert to observe how well your organization is adhering to controls and to identify any potential risks. But your best line of defense may be your board of directors. Your board can help prevent management-perpetrated fraud by:

  • Overseeing annual audits
  • Ensuring that material weaknesses identified by auditors are addressed
  • Regularly reviewing financial statements
  • Signing off on completed IRS forms

It might also stipulate additional policies such as requiring the approval of at least one board member on the rare occasion a manager needs to override controls. Your board also should look for signs that managers aren’t following internal control policies to the letter—for example, failing to report risks and actual management overrides in a timely manner. Sloppy accounting and reporting errors and disputes with auditors and outside advisors are possible signs that a manager may be committing fraud.

Key Takeaways
You and your staffers probably have a lot on your plates—so it’s understandable if internal controls occasionally get lax. Remedy such lapses as quickly as possible by reviewing with employees and managers alike the policies designed to control fraud. 

A common theme in many of the instances of fraud that occur is the absence of, or a breakdown in, effective preventive and detective internal controls. Strong internal control policies and procedures are a must in formulating an effective fraud prevention strategy.  Underestimating the importance of strong controls puts your organization at risk, not only financially, but also in how your organization is perceived in the public eye by clients and potential funders. As such, all nonprofits should consider effective internal controls to be an essential component of its overall mission strategy.


COMMENTS

comments powered by Disqus