Does Your Nonprofit Have the Proper Internal Controls? Part 2
As we began to discuss yesterday (Read Part 1), a critical component of designing and implementing internal controls to minimize opportunities for fraud are control activities, which include but are not limited to the following:
1. Create a clear separation of duties and responsibilities within your organization
Assign different people the responsibilities of authorizing transactions, recording transactions, and maintaining custody of the related asset. A few examples:
- If you have a store front or record sales transaction, a different individual than the sales agent / cashier should count the end of day cash drawer and create the deposit slip
- A different individual than the individual who handles petty cash, bank deposits, and signs checks should open bank statements and perform your monthly reconciliations
While it may not be possible to eliminate the opportunity for theft, separation of duties and responsibilities can minimize opportunities for temptation and ease of access to theft. In addition by increasing the chances that an individual engaging in fraudulent behavior will be caught, the incidence of fraud will decrease.
2. Require the authorization of certain transactions
A few best practice examples:
- Implement an approval process for the payment of invoices
- require two signatures for all organizational checks
3. Maintain documentation and records
Documentation provides evidence of the underlying transactions and establishes the responsibility for the execution and recording of the transaction.
4. Conduct audits
Implementing separation of duties, approvals, and maintaining documentation and records are only the beginning. Once they are in place, you should conduct scheduled and random internal audits as an additional safeguard for fraud.
While limited resources and staff can make it more difficult for many nonprofits to implement some of the best practices mentioned above, Jitasa can provide you access to the resources you need to strengthen your internal controls. To find out how, please read more about our approach to risk management or contact us to talk to one of our associates.
Jon Osterburg, Manager of Client Services, Jitasa