4 Internal Control Policies That Will Reduce Your Association’s Risk
Unfortunately, fraud can happen at any association, but implementing these four controls will help mitigate that risk.
I listened to a great webinar on Maximizing Internal Controls in Your Nonprofit: A Guide for Even the Most Pure. Host Ruth McCambridge of Nonprofit Quarterly introduced the webinar by saying this: “My experience has been that sometimes organizations—if they overlook internal controls—sometimes it’s because they don’t know what they need to know, but sometimes it’s because they just trust each other.”
McCambridge went on to say that trust is a great thing, “but it’s not a control.”
So, what is an internal control?
“Internal controls are methods put in place by a company to ensure the integrity of financial and accounting information, meet operational and profitability targets, and transmit management policies throughout the organization,” according to a definition by Investopedia.
They’re also some of the best ways to reduce risk to an organization’s finances, according the webinar’s presenter, Hilda Polanco, from Fiscal Management Consultants. Here are four ideas she offers for establishing internal controls and reducing your association’s financial risk.
Acknowledge donors. When organizations or individuals are donating money to the association, the association should acknowledge and thank them. You might be thinking, “Of course, but what does this have to do with internal controls?” Polanco said that in some cases, when funds that were intended for an organization were inappropriately redirected elsewhere, it was the missing thank-you letter that sounded the alarm. “It was the lack of acknowledgement that generated the enquiry, ‘Gee, I sent a donation, my check was cashed, but I never got my thank-you letter,’” she said.
Review credit card approval. “We live in a world where online purchasing is the way that business is conducted,” Polanco said. This means it’s important that associations have clarity on who is authorized to use the credit card, what types of purchases are authorized, and what amounts are authorized. Associations might consider asking staff to sign a policy that says if company cards are used for personal use, that the amount can be docked from their final paychecks. “We want the convenience of the credit cards to come with the controls to protect the organization,” she said.
Segregate payroll. “Payroll is the largest expense for most nonprofits,” Polanco said. “And it’s important … that no one individual is charged with the responsibility of adding employees and actually processing their payroll.” That means, that HR might add individuals to the payroll system, while finance processes their paychecks.
Require transparency. Associations should get board members, as well as staff, to sign contracts related to conflict-of-interest policies. “I think it’s equally important that staff members of an organization sign these policies, in addition to the board,” Polanco said. “I see this often on the board, but not as much on staff, and the staff are often in the position of selecting vendors.” And when it comes to advisor relationships—whether attorneys or insurance brokers, among others—Polanco recommends that those are kept fresh and “absent of any conflict of interest.”
What is one of your most effective internal controls? Please leave your comments below.