Category

Internal Controls

The Importance of Internal Controls for Your Nonprofit Organization

By | Internal Controls | No Comments

He may be your most trusted employee, someone who has been with your organization for years. Nevertheless, no one should be exempt from internal controls. Not even the CEO of your nonprofit should be allowed an exception to the controls put into place to safeguard your nonprofit’s financial integrity.

Although nonprofits tend to attract trusting (and trustworthy) sorts of people, according to figures reported on GuideStar, the median loss to fraud at nonprofits is $100,000. That’s a lot of money that could be better spent helping your organization achieve its mission rather than helping Mr. or Miss Thief buy luxuries.

People are often surprised when learning the identity of the person who committed the fraud. “I never thought she would do something like that!” or “Him? He’s the most loyal employee I know!” are common refrains. Fraud often occurs when people succumb to temptation. It may be spur of the moment or planned, but it doesn’t exist in isolation. Fraud happens because situations are favorable for theft.

Locking the Virtual Door

Would you leave your door unlocked when you leave your house to go to work? Of course not. It’s not that you don’t trust or like your neighbors. You may live in a beautiful neighborhood surrounded by lovely people, but that’s not the point. An open door is an invitation for thieves to come in and enjoy themselves. A locked door discourages casual entry and provides a simple barrier that turns thieves away.

Similarly, your nonprofit must create its own “locked doors” in the form of internal controls.

Internal controls consist of the steps, policies, and procedures enacted around the handling, storage, and recording of money. Safeguarding assets as well as ensuring accurate data (recorded transactions and financial information) are two critical steps to prevent nonprofit fraud.

Guidelines for Internal Controls

The general guidelines for internal controls include a clear separation of duties, accountability, and transparency.

  1. Separation of duties: Different people should be assigned the responsibility of recording transactions, authorizing transactions, and maintaining control over assets. For example, the person who locks the cash box in the safe should not be the same person who records all the transactions. The person who can authorize a return at a charity shop should not be the same person who is authorized to open the register and remove the money at the end of the day. Keeping duties separate ensures that one person alone cannot be tempted to take the money and cover it up by altering the records. It puts into action a sequence of checks and balances against the finances that should catch any mistakes or at least deter people from considering theft.
  2. Accountability: Audits are a great way to ensure accountability. An official annual audit should be supplemented by ad hoc, unannounced audits to discourage fraud. Another aspect of accountability is record-keeping. Clear, consistent recording of financial information is vital for accountability. Make sure that all accounts receivable are updated daily, and that bank deposits are made promptly. Do not leave checks in drawers waiting for deposit day. The same goes for cash boxes; have an additional person present when cash boxes are opened, and petty cash is counted or distributed. Each of these steps improves accountability.
  3. Transparency: All policies regarding internal controls should be documented in writing. Staff must be trained on such policies and reminded of the exact policy if adherence becomes lax. Lastly, enact a confidential reporting mechanism in which people can alert management if they discover fraud. Take all reports seriously and follow up on them promptly.

It may seem like an unnecessary layer of bureaucracy to enact these procedures, but as they say, an ounce of prevention is worth a pound of cure. How much is an hour or two of your time worth? Surely it is worth more than $100,000, the median amount lost to nonprofit fraud every year. Take an hour or two now to enact internal controls and prevent nonprofit fraud.

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

Mid-Year Budget Review

By | Abila, Accounting, Accounting Software, Budget, CPA, Grant Management, Internal Controls, MIP Fund Accounting, Nonprofit | No Comments

Let’s face it. Stuff happens. And, though you may wish your hard-fought and well-planned budget was settled, the National Council of Nonprofits says it best, “Budgets should not be ‘written in stone’ because the financial position of the nonprofit may change during the year.”

How is your nonprofit’s budget performing? Have you reviewed it since it was created and implemented? Is your revenue on target? Have any of the following occurred at your nonprofit? …

  • A shift or pivot in strategy or direction
  • Unforeseen events (natural disaster, legal, economic)
  • Organizational structure change (such as consolidations)
  • A change in funding received versus projected funding (such as receiving more or less from planned grant funding or fundraising activities)

A successful budget is one that is carefully crafted and implemented by a thorough budget team, then cautiously monitored and continuously updated throughout the year to reflect the inevitable changes affecting your nonprofit.

Download our Budget Checkup tool to put your Nonprofit budget to the test.

To learn about best practices when it comes to effectively monitoring and reviewing your budget throughout the year, download Budget Checkup: Critical Components of the Nonprofit Budget Review Process.

Feel like you have a pretty good understanding about the importance of the budget review process, but still relying on spreadsheets or an outdated solution? Join a live webinar, “Budget Lifecycle: Key Components to Budget Creation and Support” on Wednesday, June 7, for an in-depth review of how a true fund accounting™ solution can help you improve budgeting, so you can focus on your cause.

Looking for new nonprofit software to track your budget?  Answer these 5 Questions to Measure Fund Accounting System Effectiveness.

 

Welter Consulting

Welter Consulting is a technology firm empowering nonprofit and government organizations with effective software, consulting & training that can help you with your accounting needs. We are committed to finding the most affordable technology, the most powerful solution, and providing expert support. By leveraging technology and superior reporting, our team helps to free more of your time to devote to the important work of your mission. We bridge people and technology together for effective solutions for nonprofit organizations. We are passionate professionals who choose to work in the nonprofit sector for the same reason you do – helping others. Please contact us online or call 206-605-3113 for more information.

 

Responsible Data Collection for Nonprofit Organizations

By | Abila, Accounting, Accounting Software, Cloud, Data, Internal Controls, MIP Fund Accounting, Nonprofit, Technology | No Comments

Many people were shocked to discover the amount of data that Facebook and its partner organizations collect and share about their users. What’s surprising isn’t the amount of data collected and shared, but the public’s ignorance of how rampant data abuse is throughout the online world.

Have you ever had advertisements that seem to follow you online? That’s due to data collection from your browser history. Companies such as Google note which websites you’ve shopped or browsed recently and make educated guesses on behalf of their advertisers on which ads to display on your pages. So-called “remarketing” or “re-targeting” is just one example of how you are inadvertently leaving a detailed data footprint wherever you go online.

Social media websites such as Facebook may be in the news because of their disregard of how sensitive people are to data collection and sharing, but your company could be next on the list if you aren’t careful. Take time now to review your nonprofit’s data collection habits, security, and sharing guidelines, and make changes if needed to safeguard your donor and member privacy.

Create and Display Data Privacy Policies

Data privacy policies should be written and displayed prominently on your website. Some websites request that users accept them as part of their terms and conditions of using the website.

Privacy policies include:

  1. Details on how data is collected, shared, and stored
  2. Users’ abilities to stop data collection or access records
  3. Where to send complaints, questions, comments
  4. How IP addresses, cookies, and external links are used
  5. Any other information related to data use and collection

The Council of Nonprofits has a good privacy policy which you can review as a guideline to help you create your own. It includes the major points most nonprofits should cover in their privacy policies.

How Data Is Used

Most people recognize that some data is collected anytime they visit a website. Few object to simply recording IP addresses of people who visit a site but do disagree with who sites share their data with – they want control over who sees their personal information.

As part of your data privacy policy, be specific about how data is shared. Consider limiting shared data only to necessary third-party vendors, such as mailing companies who help you package donor mailings, or some other third party you manage and control. Selling user data may be a tempting way to make extra money, but it can quickly sour any trust built with your member base.

Improve Data Security

Even if you only collect a few data elements when people register for your site or make a donation, you must make all efforts to safeguard that data from hackers. Small nonprofits are actually at greater risk than larger ones because criminals know that small organizations lack the resources to counter against a cyberattack. They are more likely to pay the ransom when data is hijacked and may lack a dedicated IT resource to protect against attacks.

Take the time now to improve data security. Simple steps such as updating software, creating strong passwords, and adding virus protection software to your organization can act like locks on the front door of a house – not much if someone is truly determined to break in but enough of a deterrent that the average thief walks away for easier pickings elsewhere. Consider working with a cyber security expert to enact greater safeguards against intrusion if you handle highly sensitive data.

Although nonprofit organizations aren’t in the business of collecting and selling data like Facebook and other big companies are, they must maintain a basic level of trust with the public in order to continue their activities. Protecting data and providing transparency into your organization’s data privacy and security is one way to enhance that trust.

 

Welter Consulting

Welter Consulting is a technology firm empowering nonprofit and government organizations with effective software, consulting & training that can help you with your accounting needs. We are committed to finding the most affordable technology, the most powerful solution, and providing expert support. By leveraging technology and superior reporting, our team helps to free more of your time to devote to the important work of your mission. We bridge people and technology together for effective solutions for nonprofit organizations. We are passionate professionals who choose to work in the nonprofit sector for the same reason you do – helping others. Please contact Welter Consulting at 206-605-3113 for more information.

12 Steps to Improve Internal Controls

By | Accounting, Audit, Fraud, Internal Controls, MIP Fund Accounting, Nonprofit | No Comments

There’s no better time than now to review and analyze your organization’s internal controls. We’ve broken up the intimidating task of updating and maintaining proper internal controls while being slightly more focused and productive, with these 12 simple yet necessary steps.

Step 1: Map out your current processes and workflows. Detail out internal accounting procedures with a simple step-by-step checklist or list of rules. Clearly identify how long each step of authorization should take to process.

Step 2: Identify clear separation of duties. Open your workflow documentation back up and assign owners for each procedure, and other process owners who may be involved in authorizations, approvals, or reviews.

Step 3: Bring in an outside expert to review your current processes. Leverage outside expertise like certified fraud examiners (CFEs) or attorneys specialized in evaluating and improving internal controls. They can help identify any gaps or vulnerabilities.

Step 4: Find a new home for your documentation. You’ll want to maintain documentation of your processes in a commonly-used location that is easily accessible by staff. It will need to be continually updated as needs shift throughout the year.

Step 5: Review security permissions in your fund accounting system. Your technology should fully support your desired workflows encompassing your separation of duties. Update your security settings to limit system access, based on defined roles and security groups.

Step 6: Set up monitoring alerts. Ideally, your fund accounting system can be set up with active monitoring alerts to quickly notify other staff about key activities, such as when checks are printed, but not recorded, or vendor hold payment status is changed.

Step 7: Create a digital audit file. Here you’ll organize and maintain artifacts for future audits, including bank statements and reconciliations, investment summaries, fixed asset and depreciation schedules, documentation of donor pledges and grant funds received, and year-end accounts payable and expenses.

Step 8: Update your employee onboarding. Now that your documentation is up to date, you’ll need to update your new employee onboarding to reflect the changes. It’s important to promote a shared commitment of financial responsibility from the start with a new employee.

Step 9: Set a reoccurring monthly budget review. The budget is not just a planning tool – this is a key internal control. Schedule monthly budget reviews for reconciliation, explaining variances to the budget keeps proper checks and balances across departments.

Step 10: Recruit for an audit committee. You’ll want to institute a strong audit committee of independent members (typically from the board) who are familiar with finance and accounting. They should select and review the independent external auditors and help monitor for fraud.

Step 11: Schedule an internal audit. The best prepared organizations perform internal audits to ensure key control activities are being followed, and to identify any reconciliation discrepancies. Find an appropriate time for your team and stick to the date.

Step 12: Set up quarterly staff trainings. You must reinforce your controls with periodic trainings. Take the time now to get these on the calendar and build into the agenda time to discuss any shifting accounting standards for which you may need to adjust.

Remember, the objective of internal controls is to put “checks and balances” in place to help manage and preserve the charitable assets of the organization. It builds a foundation of policies and procedures that ensures employees act responsibly and ethically and prepares the organization for expected scrutiny (for example, audits and budget reviews) and tough to predict events (for example, staff turnover).

Here are a few resources to help you implement the 12 Steps to Better Internal Controls:

 

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.