FINANCIAL MANAGEMENT GUIDELINES FOR NON-PROFIT AGENCIES Part 3 of 3
Separation of Duties
In parts 1 and 2 we looked at practical information on what is expected from organizations that have or anticipate receiving grants from federal funding either directly or as a sub-recipient regarding fiscal accountability. We also looked at Fiscal Policies that should be established for the organization.
Another important aspect that is often overlooked, especially in small organizations is the “Separation of Duties”.
Separation or Segregation of Duties is a Critical Issue for Nonprofit Organizations of all sizes.
The definition of separation or segregation or of duties (interchangeable terms) is the same across all business whether for profit or not for profit. The idea is to have more than one person complete a task.
The term most often applies to administrative or managerial activities where several tasks are distributed between multiple employees.
Duties which are generally impacted are within four main categories:
Ownership, authorization, record keeping and reconciliations. If the size of the staff allows, it is important to segregate the work load so that no one person handles more than one type of function. In reality; however, most nonprofit organizations run very lean operations employing staff according to budgetary restrictions.
With just a few employees assuming administrative responsibilities, the duties can be spread across the team as they each assume responsibility for a particular segment of the task. This will accomplish much the same goal in terms of delegating the tasks and ensuring that no one person owns or is responsible for an entire process.
Regardless to the size of the nonprofit organization, establishing separation of duties is critical and often times more than not is required by grantors. This is the first step for everyone in a leadership role to adopt a commitment and engage in the concept of separation of duties.
Nonprofit board members are ultimately responsible for the effective and responsible use of a nonprofit’s resources.
Oversight includes “controls”, the policies and procedures designed to prevent fraud and assure accurate reporting of the affairs of the organization.
There are some key concepts that can serve as a guide for every organization regardless of size.
Following is a post by Kelly Wessel that will help you in establishing and incorporating a separation of duties policy for your organization.
Guest blogger Kelly Wessel is all about the importance of internal controls in preventing fraud for small businesses and nonprofits. But some very small nonprofits think they can’t create the separation of duties normally required. Not so. Here’s a scaled back way for small nonprofits to add layers of controls.
Kelly Wessel is a Fraud Investigator and Forensic Accountant
Nonprofit businesses are famous for operating on a shoestring, often without the resources or knowledge or staff to establish strong accounting policies and procedures. Those conditions can often lead to employee fraud or volunteer embezzlement. But no matter how small your nonprofit is, there are procedures that can be implemented to mitigate the impact of internal fraud.
A small staff, whether paid or volunteer, makes it imperative for the executive director and board members to be consistently involved in hands-on review, and possibly, execution, of the day-to-day transactions.
Here are five steps that even the smallest nonprofit can implement.
POLICIES AND PROCEDURES
Establish written guidelines outlining how daily operations will be conducted every day without exception. This would include policies for board oversight, which should be constant and intentional. Lacking enough staff for a separation of duties, it is critical that policies be adhered to without exception. The board should adopt a zero tolerance approach to any policy and procedural violations and certainly for any illegal or unethical activity. Volunteers and employees need to be aware of that commitment.
PHYSICAL ACCESS
Access control is very important. File cabinets, supply closets, drawers or safes where cash, blank check stock and any personal information about employees, volunteers or donors, such as personnel files, must be kept locked and access limited. Do not make extra keys or give the safe combination to anyone. Don’t write it down and put it in the desk drawer of an unlocked office. Where possible, get keys that are cannot be duplicated. Maintain an access list of what keys are made and who has them. If you give a volunteer a key so they can come in to help with a project, get the key back when the project has ended. This can become a very big issue in the event of a theft or unauthorized access is suspected.
PROTECTING DONORS
Although it may be possible to completely eliminate checks and cash from your donors, make every effort to move people to secure online donation.
Although there have been many hacks of retailers and third parties that has exposed credit card information, the merchant payment backbone has never been hacked. Get a merchant card account with a terminal in the office or even a mobile swipe terminal that plugs into your smartphone. Add a secure gateway on the donation page of your website that is just a pass through to the Merchant account.
This ensures the credit card is encrypted and the donor’s information protected. Do not attempt to take credit cards on your own by writing the numbers down into a spreadsheet or maintaining that credit card in any offline methods.
Encourage donors to use their credit cards to donate. The fees paid for these accounts are well worth the security they provide. And in some cases, payment processors offer an option to have the donor pay the fees as well. You’d be surprised how often a donor will pick up the tab for that security.
No one person should receive, record and deposit donations. The bookkeeper should record the donations only and not have access to the checks. In a small office, the director should review each deposit, compare it to the recorded income and the list of donors. Deposits should be made daily.
PROTECTING DEPOSITS
Blank check stock should be locked up with access limited only to the authorized check-signer and preferably, the bookkeeper. Check numbers should be spot-checked and reconciled whenever new checks are retrieved for processing. The bookkeeper should never have check-signing authority.
BANK RECONCILIATION
In a very small shop, the bank statement should be mailed to and reviewed carefully by a board member, with extra attention to cancelled check copies.
In a perfect world, the board member would reconcile the bank statement. If that’s not possible, the reconciliation should be reviewed by a board member who cannot access or sign checks.
Internal fraud most often occurs when an employee or volunteer reaches the crossroads where opportunity meets need and justification. You cannot control the circumstances that push a normally trusted person to consider theft, or the internal tug and pull that eventually convinces them that it is OK to steal from you. But you can control the opportunity. No matter how small, you can establish some controls to help protect the organization from the loss and the employee from the inevitable results of defrauding and embezzling.
FINANCIAL MANAGEMENT GUIDELINES Part 1
FINANCIAL MANAGEMENT GUIDELINES Part 2
Resource for Fiscal Compliance
You will find this book to be invaluable when setting up and maintaining your systems for non-profit finance, compliance and reporting and organizational status reports to your Board of Directors and other interested parties. In addition to performing deliverables, as specified in your program plan, timely and effectively, you should not have to worry about discontinued funding due to non-compliance.