On Thursday, May 19th, McKonly & Asbury was excited to bring back COLLABORATE! 2022, our annual, in-person conference, which featured speakers and topics focused on regional, national, and international business trends, as well as best practices and strategies for leaders across a variety of industries. In the nonprofit breakout session, leaders from the firm’s Nonprofit and Cybersecurity & Internal Audit Practices spoke about risk areas nonprofits are susceptible to, showed how they can mitigate those risks, and offered actionable steps that could be taken to improve an organization’s internal controls.
An organization’s internal controls are the key to a well-functioning, productive work environment and, if properly maintained, can also assist in the attempts to prevent fraudulent activity from occurring. While no organization is exempt from the possibility of fraud, maintaining strong and easy to follow internal controls can provide management teams with some peace of mind, knowing they have these practices in place, and can also allow for a more effective audit to take place at year-end. Here are some suggestions of internal controls that an organization can implement throughout the year to help with productivity and be an asset in preventing fraud:
- Proper Review of Invoices: Prior to being entered into the accounting system, each invoice should be reviewed by an employee with specific knowledge of the related charges. Additionally, once approved for payment the signor of the checks should also review the invoice and deem the charges reasonable before signing the check for payment.
- Review of Employee Reimbursements: All employee reimbursements and credit card statements should be reviewed and approved by an employee’s superior on a quarterly basis. The board should also review and provide approval for all reimbursements made by the executive director during annual board meetings.
- Review of Payroll Reports: Prior to payroll being processed and/or transferal of any cash, all payroll reports should be reviewed and approved by an employee who did not prepare the reports. This employee should also have specific permission from management to review the organization’s gross wages. Furthermore, the executive director should review the reports for gross pay compared to approved wage rates and evaluate the reasonableness of deductions/additions.
- Limit Authority (Separation of Duties): Ensuring there are clear separations of duties can be a very effective tool in preventing fraudulent activity from occurring. For example, the key accounting employee who is responsible for data entry and reconciling accounts for the organization, should be prohibited from being an authorized signor on all bank, debt and investment accounts.
- Review of Significant Contributions: In light of changes to nonprofit financial reporting related to restricted and unrestricted contributions, all significant contributions should be review by the executive director and the board to identify any donor restrictions. Any donor-restricted contributions should be recorded to an account separate from the unrestricted contributions. This will allow the quarterly and year-end reporting reconciliation process to run more effectively.
Be on the lookout for our follow up article which will include additional suggestions for internal controls that can be implemented for year-end reporting. Please contact us if you have questions about the information outlined above, our seasoned and experienced nonprofit professionals are here to help. You can also learn more about our Nonprofit services by visiting our website.