ch00 fm 4386.qxd 3/10/05 3:00 pm page ii

ch00_fm_4386.qxd 3/10/05 3:00 PM Page ii

Sarbanes-Oxley for Nonprofits

ch00_fm_4386.qxd 3/10/05 3:00 PM Page i

ch00_fm_4386.qxd 3/10/05 3:00 PM Page ii

John Wiley & Sons, Inc.

Sarbanes-Oxley for NonprofitsA Guide to GainingCompetitive Advantage

Peggy M. Jackson, dpa, cpcuToni E. Fogarty, ph.d.,mph

ch00_fm_4386.qxd 3/10/05 3:00 PM Page iii

This book is printed on acid-free paper.

Copyright © 2005 by John Wiley & Sons, Inc., Hoboken, NJ. All rights reserved.

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system, or transmittedin any form or by any means, electronic, mechanical, photocopying, recording, scanning,or otherwise, except as permitted under Section 107 or 108 of the 1976 United StatesCopyright Act, without either the prior written permission of the Publisher, or authorizationthrough payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc.,222 Rosewood Drive, Danvers, MA 01923, 978-750-8400, fax 978-646-8600, or on theweb at www.copyright.com. Requests to the Publisher for permission should be addressed tothe Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ07030, 201-748-6011, fax 201-748-6008.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used theirbest efforts in preparing this book, they make no representations or warranties with respectto the accuracy or completeness of the contents of this book and specifically disclaim anyimplied warranties of merchantability or fitness for a particular purpose. No warranty maybe created or extended by sales representatives or written sales materials. The advice andstrategies contained herein may not be suitable for your situation. You should consult witha professional where appropriate. Neither the publisher nor author shall be liable for any lossof profit or any other commercial damages, including but not limited to special, incidental,consequential, or other damages.

For general information on our other products and services, or technical support, pleasecontact our Customer Care Department within the United States at 800-762-2974, outsidethe United States at 317-572-3993 or fax 317-572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears inprint may not be available in electronic books.

For more information about Wiley products, visit our Web site at www.wiley.com.

Library of Congress Cataloging-in-Publication Data:

Jackson, Peggy M.Sarbanes-Oxley for nonprofits : a guide to gaining competitive

advantage / Peggy M. Jackson and Toni E. Fogarty.p. cm.

Includes index.ISBN 0-471-69788-5 (cloth)

1. Nonprofit organizations—United States—Finance—Management. 2.United States. Sarbanes-Oxley Act of 2002. 3. Nonprofit organizations—Accounting--Law and legislation. 4. Nonprofit organizations—Auditing—Law and legislation. 5. Nonprofit organizations—United States—Management. I. Title: Sarbanes-Oxley for non-profits. II. Fogarty, Toni E.III. Title.

HG4027.65.J33 2005657'.98—dc22

2004029119

Printed in the United States of America

10 9 8 7 6 5 4 3 2 1

ch00_fm_4386.qxd 3/10/05 3:00 PM Page iv

www.wiley.com

In loving memoryBernice Stinemates Barnhardt

Carlisle StinematesThe Rev. Chandler C. Jackson

PMJ

In loving memoryMolly DavenportNokal KitchensHoss and Weasel

TEF

ch00_fm_4386.qxd 3/10/05 3:00 PM Page v

ch00_fm_4386.qxd 3/10/05 3:00 PM Page vi

vii

Contents

acknowledgments xiii

about the authors xv

preface xvii

chapter 1 Overview of the Legislation and Its Implications for Nonprofits 1What Is the Sarbanes-Oxley Legislation About? 1Relevance of SOX to Nonprofits 12Current Legislative Environment for Nonprofits 13Conclusion 26Endnotes 26

chapter 2 Safeguarding Your Nonprofit’s Financial Resources and Assets: Establishing Auditor Independence and Audit Committee Competence 27SOX Titles II and III 28The Value of Accurate Financial Statements 29The Importance of a Good Audit 30The Board’s Responsibility Regarding the Financial

Statements 32Conclusion 38

chapter 3 Reading and Interpreting Financial Statements 39Balance Sheet 42Statement of Operations 46Statement of Changes in Net Assets 49Statement of Cash Flows 50Financial Statement Analysis 52Conclusion 65

ch00_fm_4386.qxd 3/10/05 3:00 PM Page vii

chapter 4 Form 990: Unnecessary Paperwork or a Useful Tool? 67What Are Form 990 and Form 990-EZ? 67Why Is Form 990 Important? 68Management’s Role in Improving Form 990:

Creating a Good Internal Control System 69The Board’s Role in Form 990 72Conclusion 74

chapter 5 SOX Sections VIII and XI: Document Retention and Whistleblower Protection Obligations 75Whistleblower Protection 76Creating a Confidential Reporting System 77Document Retention, Archiving, and Retrieval 79First Steps: Beginning the Process 79Conclusion 84

chapter 6 Raising the Bar of Accountability: SOX Best Practices and the Board 85Legislative Environment: Best Practices and Governance 86New Expectations for Board Oversight and Governance 89Higher Expectations for Board Membership and

Deliberations 90SOX and the Board: Higher Performance and

Greater Accountability 96Championing SOX Best Practices: The Board’s

Governance Role 98Conclusion 102

chapter 7 SOX Best Practices and Organizational Culture: Changing the Environment 103The Nonprofit’s Organizational Culture and the

Adaptation of SOX Best Practices 103Introducing Change 110Nonprofit Board Culture 112Strategies for Introducing Change in the Board Culture 120Conclusion 121Endnote 121

chapter 8 A Platinum Operating Standard Starts with Good Bones 123SOX Best Practices: Moving to a Platinum

Operating Standard 123What Are Platinum Operating Standards? 125Review of Internal Controls 126

viii contents

ch00_fm_4386.qxd 3/10/05 3:00 PM Page viii

Conducting the Review of Internal Controls 133Content and Structure of the Review of Internal

Controls Report 134Conclusion 135Endnote 135

chapter 9 Creating a Competitive Advantage: Leveraging SOX Best Practices 137Competitive Advantages of Being in Compliance with

Sarbanes-Oxley Best Practices 138Conclusion 154Endnotes 154

chapter 10 SOX Best Practices for Small Nonprofits 155Five Myths That Hold Small Nonprofits Back 155Adopting SOX Best Practices 157Scaling the SOX Best Practices to Fit the Needs of

Small Nonprofits 157Keys to Success in Customizing SOX Best Practices 162Conclusion 163

appendices Best Practices: Checklists, Worksheets, and Sample Documents 165

appendix a Working Through the Four Basic Financial Statements 167Balance Sheet 167Statement of Operations 175Statement of Changes in Net Assets 181Statement of Cash Flows 184

appendix b Whistleblower Protection Policy 189

appendix c Document Retention and Storage Protocols 191Document Retention Policy—Talking Points 191Writing the Policy—Talking Points 191Special Designations for Sensitive Documents 193Storing and Archiving the Documents 194Testing the System 194

appendix d Audit Committee Procedures and Protocols 195Audit Committee 195Composition of the Committee 195Committee Functions and Deliverables 195

contents ix

ch00_fm_4386.qxd 3/10/05 3:00 PM Page ix

appendix e Conflict of Interest Policy 197Talking Points 197Sample Conflict of Interest Letter 199

appendix f Code of Ethics for Board and Senior Management 201Talking Points 201Sample Code of Ethics for a Nonprofit Board Member 202

appendix g Board of Directors—Governance Profile and Performance Expectations 203Oversight and Policy Making 203Term Limits 203Summary of Board Committees’ Descriptions and

Performance Objectives 204Process for Board Member Nomination and Election 204

appendix h Board Orientation Session 207Outline of Curriculum 207Board Binder Contents 208

appendix i Review of Internal Controls Report and Recommendations 211Overview of the Project 211Systems 211Recommendations and Time Line 212

appendix j Risk Management Plan 213Profile 213Risk Management Worksheets 213Worksheet 1—List Areas of Concern 214Worksheet 2—Tier 1 and Tier 2 Risks 214Worksheet 3—Strategies for Dealing with Risk 215Worksheet 4—Time Line 215Worksheet 5—Risk Administration and Monitoring 216Worksheet 6—Risk Management Plan Template:

Table of Contents 216Sample Risk Management Plan: Table of Contents 217

appendix k Business Continuity Plan 219Emergency Protocols 219Contact Information for Board Members and Staff 220Business Resumption Strategies for Each Department within

Your Nonprofit 220Communication 221

x contents

ch00_fm_4386.qxd 3/10/05 3:00 PM Page x

Financial Services 221Vendors 221Service Providers—Utilities, Water, Governmental Agencies 222If Your Nonprofit Needs to Relocate 222

appendix l Bibliography 225

index 229

contents xi

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xi

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xii

xiii

Acknowledgments

We would like to thank our editor, Susan McDermott, for her supportand interest in this project. Her encouragement spurred us on and her sup-port has been enormously helpful.

Peg is grateful for the ongoing support and encouragement of Victoria(“Tori”) Hill of the Library of Congress. Tori was a mainstay of support forPeg since the days of her dissertation, and for this project, has once againdemonstrated the tremendous cooperation and dedication that Peg hascome to know from working with the staff at the Library of Congress. TheLibrary is truly a national treasure!

Peg is also very grateful for the ever-present support of her husband,Paul, who has always believed in her, and their family friend, Rick Ewing,whose support and humor puts things in perspective.

Toni is grateful for the number of people who helped her with this proj-ect, either directly or indirectly. The “Ladies Who Lunch” group has beenand continues to be a great source of inspiration, and provides comic reliefwhen things get too serious.

She would like to thank her students at California State University,Hayward, and the University of San Francisco, who have helped her ex-amine issues from a variety of diverse perspectives and have enabled her tohone her analytical and communication skills.

Toni has also been blessed with a number of supportive colleagues,teachers, and friends. She would like to thank Jann Adams, Teh-wei Hu,and Ray Catalano, all of whom helped her make her way through the tri-als and hurdles of academia. In addition, she would like to thank all of hercolleagues at California State University, Hayward, for providing her witha caring and supportive work environment, something that is very rare and

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xiii

precious in these hectic and competitive times. Finally, she would like toexpress her appreciation to and her affection for her friends Fox Frohlich,Katherine Collins, Doug Hogin, Raluca Cerbu, Denise Lyons, Dan Gen-try, Raena Frolich, and Laurie Nobilette, all of who sustain her by theirencouragement, wisdom, and humor.

Lastly, we would like to acknowledge “Virginia,” whose name may befictitious, but who is indeed a real person. Admittedly, it was her ill-advisedcomments at a luncheon that served as the main catalyst for this project.However, in our work, we have encountered many people like “Vir-ginia,” “Wendell,” and “Samantha,” whose words or deeds provide a con-text for presenting more useful methods.

xiv acknowledgments

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xiv

xv

About the Authors

Peggy M. Jackson, DPA, CPCU, is a consultant and nationally-recognized lecturer in risk management, business continuity planning, andSarbanes-Oxley compliance for nonprofits. Dr. Jackson has coauthoredfive books on risk management in nonprofit organizations: Managing Riskin Nonprofit Organizations; Mission Accomplished: A Practical Guide to RiskManagement for Nonprofits; Mission Accomplished: The Workbook; No Surprises:Harmonizing Risk & Reward in Volunteer Management; and Risk Managementfor Schools. She is a partner with Fogarty, Jackson & Associates and a Prin-cipal with Adjunct LLC in San Francisco, CA.

Toni E. Fogarty, Ph.D., MPH (San Francisco, CA) is an assistantprofessor in the Department of Public Affairs and Administration at Cali-fornia State University, Hayward, and serves as the Graduate Coordinatorof the Master of Science in Health Care Administration program. Sheteaches courses in organizational behavior and change, research methods,ethical and legal issues in health care, and health care finance and budget-ing. Dr. Fogarty is a founding partner and the CFO in the Fogarty, Jack-son & Associates Consulting Group, which provides consulting services inthe areas of risk management, business continuity planning, organizationalanalysis and change, and Sarbanes-Oxley compliance. Dr. Fogarty co-authored the book Managing Risk in Nonprofit Organizations, has publishedarticles in several professional and academic journals, and has conducteda number of presentations and workshops at international and nationalconferences.

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xv

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xvi

xvii

Preface

Our intent is to present the best practices that have emerged fromthe Public Company Accounting Reform and Investor Protection Act(Sarbanes-Oxley) in a manner that explains their source and value to yournonprofit organization. This book is intended for nonprofit practitioners,board members, funders, potential donors, and anyone else who would liketo know how this important piece of legislation and how issues in today’slegislative environment affect nonprofits and can serve to strengthen theinfrastructure of nonprofits.

The environment in which nonprofits operate is changing—dramatically.The U.S. Senate Finance Committee conducted hearings into nonprofit ac-countability in June 2004. In response to testimony from the Commissionerof the Internal Revenue Service (IRS) and others, actions were proposed toraise the bar for nonprofit accountability. These proposals include:

• Require nonprofits to have their IRS tax-exempt status reviewedevery five years, with extra documents and a new processing fee

• Increase information disclosures on IRS Form 990, including annualperformance goals and measurements for meeting those goals

• Require Form 990 to be signed by an organization’s chief executiveofficer (CEO) or equivalent under penalties of perjury

• Create penalties for failure to file a complete and accurate Form 990

• Introduce requirements for nonprofit accreditation

• Establish an Exempt Organization Hotline for reporting abuses bycharities and complaints by donors and beneficiaries

• Limit board size to 15 members

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xvii

The tone of the preceding proposals should be unmistakable. Publicpressure is mounting to have nonprofits come under a higher level ofscrutiny and regulation. Although only two provisions of Sarbanes-Oxley(SOX) apply to both nonprofit and publicly traded companies (whistle-blower protection and document preservation), visible compliance withSOX standards establishes a “platinum standard” and establishes a compet-itive advantage that can provide benefits to any nonprofit.

Best practices that emerge for SOX compliance include:

• A more effective board whose members understand and adhere totheir fiduciary obligations and recognize their responsibility in gov-erning the nonprofit

• Higher level of management and staff accountability

• Effective protocols to ensure that the nonprofit remains in compliancewith SOX and nonprofit “industry standards” and addresses futurestandards

• Better competitive positioning by making it known that the nonprofitadheres to the SOX platinum standard in its operating practices

• Greater credibility and ability to recruit high-quality board membersand to attract the favorable attention of major donors, foundations,and other funding sources

We’ve designed this book to take the reader from wondering what SOXis all about to examining the various sample documents and procedures thatcan be used to introduce these best practices into your nonprofit.

Chapter 1 provides an overview of the SOX legislation and the changesin the nonprofit legislative environment. The outcomes and proposalsfrom the Senate Finance Committee hearings are reviewed, along withthe new California Nonprofit Integrity Act.

Chapter 2 examines the role of audit committees and audits in SOX bestpractices.

Chapter 3 explores nonprofit accounting and financial statements.

Chapter 4 discusses the IRS Form 990s and their enhanced role in non-profit accountability.

xviii preface

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xviii

Chapter 5 explores the SOX required provisions of whistleblower pro-tection and document retention policies. These two policies apply to allorganizations, not just publicly traded corporations.

Chapter 6 reviews how SOX best practices affect nonprofit boards.

Chapter 7 examines how a nonprofit’s organizational culture impacts itsreadiness to integrate SOX best practices.

Chapter 8 discusses how to move the nonprofit’s operating standardfrom ordinary to platinum.

Chapter 9 describes the ways in which the nonprofit can leverage SOXbest practices to create a competitive advantage.

Chapter 10 provides recommendations for scaling the SOX best prac-tices to suit the needs of the small nonprofit.

We believe that integrating SOX best practices along with the other leg-islative recommendations can strengthen your nonprofit’s commitment tofulfilling its mission.

preface xix

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xix

ch00_fm_4386.qxd 3/10/05 3:00 PM Page xx

1

Overview of the Legislation andIts Implications for Nonprofits

The scene is an elegant Minneapolis restaurant. Five career women arehaving lunch together. Lois is the CFO of a well-known nonprofit in theTwin Cities. Shelly is an attorney with a prominent law firm. Peg is an au-thor and consultant. Toni is a professor, author, and consultant. Virginia isa community volunteer who sits on a number of prestigious nonprofitboards. She is also the Chair of the Board of a historic Minneapolis land-mark. The women met for lunch that day because they were colleagues ona pro bono project. Peg attempted, once again, to convince Virginia that theconflict of interest presented by a staff member was indeed a serious issue,and the discussion turned to Sarbanes-Oxley. Virginia emphatically stated,“Sarbanes-Oxley has nothing to do with nonprofits! You don’t know whatyou are talking about!” Both Peg and Toni attempted in vain to dissuadeVirginia of this notion.

Yes, Virginia, Sarbanes-Oxley does apply to nonprofits!

What Is the Sarbanes-OxleyLegislation About?

The Public Company Accounting Reform and Investor Protection Actwas passed in 2002 in the wake of the Enron corporate scandal. The act is

Chapter 1

ch01_4386.qxd 2/10/05 10:09 AM Page 1

commonly referred to as the Sarbanes-Oxley Act (SOX), named after Sen-ator Paul Sarbanes (D-MD) and Representative Michael Oxley (R-OH),who were its main sponsors. Although SOX was initially intended to raisethe bar for integrity and competence for publicly traded companies, its ef-fect has been to promote greater accountability within both the nonprofitand private sector. Along with public companies such as Enron, the non-profit world has seen high-profile scandals such as those involving theUnited Way and the American Red Cross. Subsequent to these nonprofitscandals, legislatures in both New York and California have begun delib-erations on SOX “clones,” targeting nonprofit accountability. In a similarvein, the U.S. Senate Finance Committee conducted hearings in June 2004and published some proposed actions to raise the bar for nonprofit ac-countability. These proposals include:

• Require nonprofits to have their Internal Revenue Service (IRS) taxexempt status reviewed every five years, with extra documents and anew processing fee

• Increase information disclosures on IRS Form 990, including annualperformance goals and measurements for meeting those goals

• Require Form 990 to be signed by an organization’s chief executiveofficer (CEO) or equivalent under penalties or perjury

• Create penalties for failure to file a complete and accurate 990

• Appropriate $10 million for various forms of nonprofit accreditation

• Establish an Exempt Organization Hotline for reporting abuses bycharities and complaints by donors and beneficiaries

• Limit board size to 15 members

The tone of the preceding proposals should be unmistakable. Publicpressure is mounting to have nonprofits come under a higher level ofscrutiny and regulation. Although only two provisions of SOX apply toboth nonprofit and publicly traded companies (whistleblower protectionand document preservation), visible compliance with SOX standards es-tablishes a “platinum standard” and a marketing competitive advantagethat can provide benefits to any nonprofit. Best practices that emerge fromSOX compliance include:

2 chapter 1 overview of the legislation

ch01_4386.qxd 2/10/05 10:09 AM Page 2




• Better competitive positioning by making known that the nonprofitadheres to the SOX platinum standard in its operating practices


SOX is the latest in a long progression of regulatory reform aimed atrectifying corporate misdeeds. A brief look at a segment of this country’seconomic history addresses the following questions:

• What events brought about legislation that addresses corporatemisdeeds?

• What areas of business and nonprofit operations are facing morescrutiny and why?

• What are the features of SOX and what are the best practices thatemerge from this law?

• Why have these best practices raised the bar for nonprofits?

Sox Has Its Roots in the Great Depression

The Great Depression, which began in 1929 and lasted more than a decade,was one of the deepest economic slumps to affect the United States, Eu-rope, and other industrialized countries. Although the actual causes of theGreat Depression are still intensely debated, some of the factors believed tocontribute to the Great Depression in the United States were the massstock speculation that occurred during the 1920s; a general imbalance ofpurchasing power and wealth in that a large percentage of the populationwas poor while a small percentage was very wealthy; the laissez-faire eco-nomic philosophy adhered to by Presidents Warren Harding (1920–1923),Calvin Coolidge (1923–1928), and Herbert Hoover (1929–1933); and the

what is the sarbanes-oxley legislation about? 3

ch01_4386.qxd 2/10/05 10:09 AM Page 3

catastrophic crash of stock prices on the New York Stock Exchange(NYSE) in 1929. On October 29, 1929, known as “Black Tuesday,” theU.S. stock market crashed, and the value of stock steeply plummeted.Black Tuesday was one of the worst trading days in the history of the stockmarket. Stock prices collapsed and most of the financial gains of the previ-ous year were wiped out within the first few hours of the market’s open-ing. Since most Americans viewed the stock market as the chief indicatorof the health of the economy, the 1929 crash destroyed public confidencein both the stock market and in the U.S. economy.

Stock value continued to fall for approximately three years, until late1932. By that time, stocks had lost 80 percent of their value from 1929. In-dividual investors suffered devastating losses; overnight, large fortunes sim-ply melted away with the decline in stock value. Many banks and otherfinancial institutions, particularly those holding a large portion of stocks intheir portfolios, also suffered severe losses in assets and by 1933, 11,000 ofthe 25,000 banks in the United States had failed. By 1932, the U.S. man-ufacturing output had declined to only 54 percent of its 1929 level, and un-employment had increased to between 12 and 15 million workers,approximately 25–30 percent of the labor force.

Truth in Securities Law

In part, the 1929 crash was blamed on wildly inflated stock prices, poormonetary policies imposed by the Federal Reserves Board, fraud, con-cealed or misleading financial information, the rampant buying of stock onmargin, and inadequate controls on trading in the U.S. market. In 1932,the newly elected President Franklin D. Roosevelt and Congress sought toregulate the market by imposing controls on trading and requiring organ-izations that were offering securities for public sale to provide financial andother significant information about the securities being offered. Two sig-nificant pieces of legislation were passed, one in 1933 and the second in1934. The Securities Act of 1933, which is frequently referred to as the“truth in securities” law, has two basic aims, to:

• Assure that investors are fully informed about the financial aspects ofsecurities being offered for sale

• Prohibit deceit, misrepresentations, and other fraud in securitiestransactions


ch01_4386.qxd 2/10/05 10:09 AM Page 4

The Securities Exchange Act of 1934 created the Securities and Ex-change Commission (SEC) and gave it the power to regulate many aspectsof the securities industry. The act also provided the SEC with the author-ity to require periodic reporting of financial information by organizationsthat offered publicly traded securities, and gave the SEC the power to reg-ister, regulate, and oversee brokerage firms, transfer agents, and the stockexchanges.

Some of the important powers these two acts gave the SEC include:

• Regulate and register stock exchanges

• Register all securities listed on an exchange

• Regulate investment advisers and all dealers and brokers who aremembers of an organized exchange

• Require that audited and current financial reports be filed with the SEC

• Set accounting standards

• Prohibit all forms of stock price manipulation, such as insider trading

The availability of properly audited and current financial reports en-ables investors to make informed and rational choices about whether toinvest in a particular company. The audited financial reports are availablefrom the organizations selling the securities in its stockholders’ annual re-ports. Most are also easily accessible from the SEC, through EDGAR, theonline Electronic Data Gathering, Analysis, and Retrieval system(www.sec.gov/edgar.shtml). EDGAR collects, validates, indexes, and dis-seminates the reports from companies that are required to file reportswith the SEC.

The SEC continues to protect investors today, adding stability to in-vestors’ confidence and the markets in general. Additional controls on themarket after the 1987 crash regarding program trading and the institutionof market shutdown mechanisms called circuit breakers helped to smoothout some of the volatility in the market. After the 1987 crash, the U.S.stock market appeared to be well regulated and well functioning.

Twenty-First Corporate and Accounting Scandals

At the beginning of the twenty-first century, the U.S. market and its in-vestors were stunned by a string of corporate and accounting scandals. For


ch01_4386.qxd 2/10/05 10:09 AM Page 5

several years, the Enron Corporation, an energy company, participated ina number of partnership transactions that lost the organization a substantialamount of money. In 2001, Enron reported that it had failed to followgenerally accepted accounting practices in its financial statements for 1997through 2001 by excluding these unprofitable transactions. In these erro-neous financial statements, the organization reported large profits when, infact, it had lost a total of $586 million during those years. Neither internalnor external controls detected the financial losses disguised as profits. Therevelation of the erroneous financial reporting led to a collapse in the priceof Enron stock. The price of Enron stock fell from $83 per share in De-cember 2000 to less than $1 per share in December 2001. However, someof Enron’s managers made millions of dollars by selling their companystock before its price plummeted. Other investors experienced substantiallosses, including Enron employees who had invested a large portion oftheir retirement portfolios in Enron stock.

Role of Arthur Andersen LLP The CPA firm of Arthur Andersen LLP,which had been one of the largest accounting firms in the world, served asEnron’s auditor throughout the years of erroneous statements. The firm al-legedly “overlooked” Enron’s questionable accounting practices since itwas making a large amount of money for providing Enron with consultingservices and did not want to lose the consulting business. The firm was in-dicted by the U.S. Department of Justice, and in 2002, Arthur AndersenLLP was convicted of obstructing justice for shredding Enron-related doc-uments requested by the SEC.

The WorldCom Debacle In 2002, WorldCom, Inc., a prominenttelecommunications company, admitted that it had failed to report morethan $7 billion in expenses over five quarterly periods. Its financial state-ments indicated that WorldCom had been profitable over those quarters,when the company had actually lost $1.2 billion. WorldCom’s marketworth plunged from $200 billion to only $10 billion in July. In July 2002,WorldCom filed for Chapter 11 bankruptcy, causing concerns among itsinvestors, creditors, and telecommunication customers.

Enron and WorldCom were not the only companies that had question-able financial statements. Other corporate and accounting scandals includedTyco, Adelphia Communications, Xerox, and Global Crossing. These


ch01_4386.qxd 2/10/05 10:09 AM Page 6

scandals understandably shook the public’s confidence in the capital mar-kets and in the integrity of corporate financial statements. In response tothe lack of public confidence and the downward plummet in the stockmarket, the 107th Congress passed the Public Company Accounting Re-form and Investor Protection Act, which was signed into law by PresidentGeorge W. Bush on July 30, 2002.

Importance of SOX

Many would agree that SOX is the single most important piece of legisla-tion affecting corporate governance, financial disclosure, and public ac-counting since the passage of the Securities Act of 1933 and the SecuritiesExchange Act of 1934. SOX contains sweeping reforms for issuers of pub-licly traded securities, auditors, corporate board members, and lawyers. Itadopts new provisions intended to deter and punish corporate and ac-counting fraud and corruption, and provides stiff penalties for noncompli-ance. In essence, SOX seeks to protect the interest of shareholders andemployees by improving the overall quality of financial reporting, inde-pendent audits, corporate accountability, and accounting services for pub-lic companies. As can be seen in Exhibit 1.1, SOX consists of 11 titles, witheach title having multiple sections.

Title I

Title I of SOX created a Public Company Accounting Oversight Board(PCAOB) that has extensive authority to regulate the auditors and audits ofpublicly held companies. The PCAOB is a nonprofit organization withstrong ties to the SEC. Partial funding for the PCAOB comes from theSEC, the SEC has the power to appoint the PCAOB’s chairperson andmembers, and the SEC must approve all rules and standards established bythe PCAOB. Only accounting firms that have been accepted for registra-tion with the PCAOB will be allowed to prepare or audit reports for com-panies registered with the SEC. Approval for registration with the PCAOBis based on a detailed application that requires the accounting firm to pro-vide information regarding its audit clients, internal quality control policiesand procedures, accounting personnel, licensure, and financial standing. Inaddition, approved firms must agree to undergo periodic inspections and


ch01_4386.qxd 2/10/05 10:09 AM Page 7

sox l i st ing of t i t les Exh ib i t 1 . 1and sect ions

Title Section

I. Public Company Accounting 101: Establishment, administrative provisionOversight Board 102: Registration with the Board

103: Auditing, quality control, andindependence standards and rules

104: Inspections of registered publicaccounting firms

105: Investigations and disciplinaryproceedings

106: Foreign public accounting firms107: Commission oversight of the Board108: Accounting standards109: Funding

II. Auditor Independence 201: Services outside the scope of practice ofauditors

Best Practices for nonprofits 202: Pre-approval requirementscome from this section 203: Audit partner rotation

204: Auditor reports to audit committees205: Conforming amendments206: Conflicts of interest207: Study of mandatory rotation of

registered public accounting firms208: Commission authority209: Considerations by appropriate State

regulatory authorities

III. Corporate Responsibility 301: Public company audit committees302: Corporate responsibility for financial

Best Practices for nonprofits reportscome from this section 303: Improper influence on conduct of audits

304: Forfeiture of certain bonuses and profits305: Officer and director bars and penalties306: Insider trades during pension fund

blackout periods307: Rules of professional responsibility for

attorneys308: Fair funds for investors

IV. Enhanced Financial Disclosures 401: Disclosures in periodic reports402: Enhanced conflict of interest provisions

Best Practices for nonprofits 403: Disclosure of transactions involving come from this section management and principal stockholders


ch01_4386.qxd 2/10/05 10:09 AM Page 8

Title Section

404: Management assessment of internalcontrols

405: Exemption406: Code of ethics for senior financial

officers407: Disclosure of audit committee financial

expert408: Enhanced review of periodic disclosures

by issuers409: Real-time issuer disclosures

V. Analyst Conflicts of Interest 501: Treatment of security analysts byregistered securities associations andnational security exchanges

VI. Commission Resources and 601: Authorization of appropriationsAuthority 602: Appearance and practice before the

Commission603: Federal court authority to impose penny

stock bars604: Qualifications of associated persons of

brokers and dealers

VII. Studies and Reports 701: GAO study and report regardingconsolidation of public accounting firms

702: Commission study and report regardingcredit rating agencies

703: Study and report on violators andviolations

704: Study of enforcement actions705: Study of investment banks

VIII. Corporate and Criminal Fraud 801: Short titleAccountability 802: Criminal penalties for altering documents

Document preservation 803: Debts nondischargeable if incurred in Whistleblower protection violation of securities fraud laws

804: Statue of limitations for securities fraudBest Practices for nonprofits 805: Review of Federal sentencing guidelines come from this section AND for obstruction of justice and extensiveSections 802 and 806 criminal fraud(Document preservation and 806: Protection for employees of publicly Whistleblower protection) traded companies who provide evidence are legal requirements of fraudfor ALL organizations, 807: Criminal penalties for defraudingincluding nonprofits shareholders of publicly traded

companies

(continues)


ch01_4386.qxd 2/10/05 10:09 AM Page 9

provide annual reports to the PCAOB. Additional funding for the PCAOBwill come from fees paid by the registered accounting firms.

The PCAOB has the authority to establish standards and rules regardingthe content of audits, the accounting firm’s internal quality control policiesand procedures, and the length of time that documents related to an auditmust be retained. While the PCAOB does not have the direct power to setaccounting standards, a separate accounting standards organization will de-velop the standards that the PCAOB will use.


sox l i st ing of t i t les Exh ib i t 1 . 1and sect ions (cont inued )

Title Section

IX. White Collar Crime Penalty 901: Short title902: Attempts and conspiracies to commit

Best Practices for nonprofits criminal fraud offensescome from this section 903: Criminal penalties for mail and wire

fraud904: Criminal penalties for violations of the

Employee Retirement Income SecurityAct of 1974

905: Amendment to sentencing guidelinesrelating to certain white-collar offenses

906: Corporate responsibility for financialreports

X. Corporate Tax Returns 1001: Sense of the Senate regarding thesigning of corporate tax returns by chiefexecutive officers

XI. Corporate Fraud and 1101: Short titleAccountability 1102: Tampering with a record or otherwise

impeding an official proceedingBest Practices for nonprofits 1103: Temporary freeze authority for the come from this section, AND Securities and Exchange CommissionSection 1107 (Retaliation 1104: Amendment to the Federal Sentencing against informants) is a Guidelineslegal requirement for ALL 1105: Authority of the Commission to prohibit organizations, including persons from serving as officers or nonprofits! directors

1106: Increased criminal penalties underSecurities Exchange Act of 1934

1107: Retaliation against informants

ch01_4386.qxd 2/10/05 10:09 AM Page 10

Nonprofits currently don’t have a government-sponsored watchdog likethe PCAOB, and the PCAOB currently has no authority over nonprofitorganizations. The word currently is an important word in the previous sen-tence. Public and governmental policymakers have a growing concernabout the performance and integrity. As discussed earlier, some states arealready discussing SOX-like legislation that would cover nonprofits. Thenonprofit industry just may end up with a watchdog similar to the PCAOB.

Title II

Title II of SOX details the rules to establish independence of the auditorfrom the company being audited. It defines which additional services theauditing firm may and may not provide, defines and prohibits conflicts ofinterest between auditors and the audited company, requires that the au-dited firm rotate its auditors on a regular basis, and requires the auditingcommittee of the audited company to be responsible for the oversight ofits auditors. We discuss how this title can be used to help a nonprofit de-velop a SOX-like operating standard in Chapter 2.

Titles III and IV

Titles III and IV of SOX detail the responsibilities and roles the auditedcompany plays in regard to the audit and reports. For example, the princi-pal executive and financial officers of the company are directly responsiblefor certifying that the information in the annual or quarterly reports re-quired by the SEC Act of 1934 is accurate, complete, and fairly presented.In addition, there are rules regarding insider trading, and the professionalresponsibility for attorneys to report violations of securities law or breechof fiduciary duty. The titles also outline the disclosure requirements of rel-evant financial information, such as off-balance-sheet arrangements andrelationships. How these titles can be used to help a nonprofit develop aSOX-like operating standard is the topic of Chapters 2, 3, and 4.

Titles V, VI, and VII

Titles V, VI, and VII primarily provide details regarding security analysts,appropriations, and various studies and reports performed by the GAOand others. While these titles are important in terms of establishing and


ch01_4386.qxd 2/10/05 10:09 AM Page 11

implementing SOX, they are not directly relevant to the “best practices”that can be gleaned from the legislation. These titles will thus not be dis-cussed in any detail.

Titles VIII, IX, X, and XI

Titles VIII, IX, X, and XI outline the penalties for securities fraud, docu-ment destruction or alteration; create whistleblower protection for em-ployee informants; and establish corporate responsibility for financial reports.Title IX provides that each periodic report containing financial statementsfiled with the SEC must be accompanied by a written statement by the is-suer’s CEO and CFO certifying that the report fully complies with the1934 Act and that information contained in the periodic report “fairlypresents, in all material respects, the financial condition and results of op-erations of the issuer.” How these titles can be used to help a nonprofit de-velop a SOX-like operating standard is presented in Chapters 3, 4, and 5.

Relevance of SOX to Nonprofits

Currently, only a few of the provisions in SOX directly apply to nonprofitorganizations. Nonprofits are required to adhere to Title III, Section 806,and Title XI, Section 1107, which provide protection to employees whoreport suspected fraud or other illegal activities. In addition, Title VIII,Section 802, and Title XI, Section 1102, which address the destruction orfalsification of records or documents, apply to nonprofits.

The nonprofit sector has recently experienced its own recent scandals ofperceived wrongdoing and fiscal mismanagement. For example, the UnitedWay and the American Red Cross have received substantial unfavorablemedia coverage of their apparent failures in accountability and adherence tomission. Incidents such as these have cast the nonprofit sector in an unfa-vorable light, and have damaged the public’s trust in the integrity and thepublic benefit of nonprofits. While it is true that the majority of the SOXprovisions currently only apply to publicly traded corporations and not tononprofit organizations, nonprofits could benefit operationally from adopt-ing some of the SOX rules as “best practices.” In addition, voluntarily ad-hering to the SOX “gold standards” would create greater credibility andability to recruit high-quality board members, as well as attracting the fa-vorable attention of major donors, foundations, and other funding sources.


ch01_4386.qxd 2/10/05 10:09 AM Page 12

If the nonprofit sector wants to obtain its current level of relative self-regulation, nonprofit leaders need to make a visible effort to improve org-anizational governance and accountability. If this does not occur, nonprofitsmay come under additional unwanted regulation by the government. Somestate attorneys general have already suggested that additional provisions ofSOX should be applied to nonprofits. The nonprofit sector needs to showthe government and the public that it can effectively regulate nonprofitgovernance to avoid the imposition of external regulation.

In the remaining chapters of this book, we focus on the provisions ofSOX that directly apply to nonprofit organizations, and those provisionsthat could serve as “best practices” for the nonprofit sector.

Current Legislative Environmentfor Nonprofits

U.S. Senate Finance Committee Hearings on NonprofitAccountability, June 2004

Although the features of the SOX legislation may on the surface appear tohave more impact on the private sector, the public sector (i.e., govern-ment) push for greater accountability includes the independent sector (i.e.,the nonprofit world) as well. This section discusses the recent United StatesSenate Finance Committee June 22, 2004 hearings on Charitable GivingProblems and Best Practices, along with the highlights of recent California“Sarbanes-Oxley clone” legislation (SB1262) signed into law on Septem-ber 29, 2004. The common theme of the testimony of witnesses, the Con-gressional staff papers, and the California “Nonprofit Integrity Act”(SB1262) is that nonprofit organizations have, through fiscal and gover-nance abuses, diminished public trust. Public outrage fueled these Con-gressional hearings on nonprofit abuses. Further reports of financial andgovernance mismanagement appear on an almost daily basis—sometimeseven in the “Food” section of the newspaper.1

Internal Revenue Service Commissioner’s Testimony As part of theSenate Finance Committee’s June 2004 hearings on nonprofit accounta-bility, Mark W. Everson, the commissioner of the IRS, provided somevery sobering testimony on that agency’s plans for oversight and enforce-ment of the nonprofit sector. The following excerpts of Mr. Everson’s

current legislative environment for nonprofits 13

ch01_4386.qxd 2/10/05 10:09 AM Page 13

testimony should leave no doubt about the IRS’ short-term agenda forbringing about nonprofit accountability.

We can be proud of the vast majority of exempt organizations that are fullyand effectively carrying out their important missions. I must emphasize thatmy remarks, which by necessity will focus on problems we have observed,should not be interpreted as an indictment of the tax-exempt sector. Thevast majority of tax-exempt entities carry out their valuable role in fullcompliance with the letter and spirit of the laws. As you know, the Ad-ministration strongly supports efforts to encourage and support donations toour Nation’s charities. The Administration’s FY 2005 Budget includes anumber of tax relief proposals designed to stimulate charitable giving.However, I share your concern that some entities are using their status toachieve ends that Congress clearly did not intend when it conferred theprivilege of tax-exemption.

Before I begin, let me give you a few statistics on the population I amhere to discuss. When the subject of tax-exempt organizations arises, wecommonly think of charities. This is understandable, given the prominentand valuable role of charitable organizations. But the tax-exempt sector isfar broader. The approximately 3,000,000 tax-exempt entities include al-most 1,000,000 section 501(c)(3) charities and almost 1,000,000 employeeplans . . . This sector is a vital part of our nation’s economy that employsabout one in every four workers in the U.S. In addition, nearly one-fifthof the total U.S. securities market is held by employee plans alone. As I willdiscuss, there are abuses of charities that principally rely on the tax advan-tages conferred by the deductibility of contributions to those organizations.

If these abuses are left unchecked, I believe there is the risk that Amer-icans not only will lose faith in and reduce support for charitable organiza-tions, but that the integrity of our tax system also will be compromised. Iam committed to combating abuse in this area. We recently released ourIRS Strategic Plan for 2005-2009. Along with improving service and mod-ernizing our computer systems, one of our strategic goals is to enhance en-forcement of the tax law . . . Historically, IRS functions regulatingtax-exempt entities have not been well funded due to the lack of revenuethey generated. This view is misdirected in light of the size and importanceof the sector. With staffing in this area flat at best and with the number ofcharities increasing annually, our audit coverage has fallen to historicallylow levels, compromising our ability to maintain an effective enforcementpresence in the exempt organizations community. One of our four specificobjectives is to deter abuse within tax-exempt and governmental entities,


ch01_4386.qxd 2/10/05 10:09 AM Page 14

and misuse of these entities by third parties for tax avoidance or other un-intended purposes . . .

The Administration’s FY 2005 Budget contains a number of legislativeproposals, originally announced by the Treasury Department in March 2002to combat abusive transactions. These proposals include statutory changesthat would create better, coordinated disclosure of abusive transactions . . .although the Administration is committed to encouraging gifts to charity, italso wants to ensure that taxpayers are accurately valuing property they do-nate to charity . . .

[Governance] In recent years there have been a number of very promi-nent and damaging scandals involving corporate governance of publiclytraded organizations. The Sarbanes-Oxley Act has addressed major con-cerns about the interrelationships between a corporation, its executives, itsaccountants and auditors, and its legal counsel. Although Sarbanes-Oxleywas not enacted to address issues in tax-exempt organizations, these entitieshave not been immune from leadership failures. We need go no furtherthan our daily newspapers to learn that some charities and private founda-tions have their own governance problems. Specifically, we have seenbusiness contracts with related parties, unreasonably high executive com-pensation, and loans to executives. We at the IRS also have seen an appar-ent increase in the use of tax-exempt organizations as parties to abusivetransactions. All these reflect potential issues of ethics, internal oversight,and conflicts of interest . . .

[Using credit counseling nonprofits as an example] We are focusing our auditresources on those organizations with the highest risk of noncompliancewith tax law. We have selected 50 tax-exempt credit counseling organiza-tions for examination; the majority of these examinations are currently un-derway. The balance will be assigned to agents by the end of this fiscal year.To date, we have initiated and will be pursuing the use of proposed revoca-tions of exemption of credit counseling organizations in appropriate cir-cumstances. We also plan to seek injunctions and penalties against bothindividuals and companies for promoting fraudulent tax schemes.

[Regarding Excessive Executive Compensation] [We] will use all tools avail-able to ensure that these organizations act lawfully, including revokingtax-exempt status where warranted. Compensation Issues: The issues of gov-ernance and executive compensation are closely intertwined. We are con-cerned that the governing boards of tax-exempt organizations are not, in allcases, exercising sufficient diligence as they set compensation for the leader-ship of the organizations. There have been numerous recent reports of ex-ecutives of both private foundations and public charities who are receiving


ch01_4386.qxd 2/10/05 10:09 AM Page 15

unreasonably large compensation packages. Neither a public charity nor aprivate foundation can provide more than reasonable compensation . . . Ingeneral, reasonable compensation is measured with reference to the amountthat would ordinarily be paid for comparable services by comparable enter-prises under comparable circumstances . . .

Section 501(c)(3) provides that the assets of an organization cannot inureto the benefit of private shareholders or individuals. If an organization paysor distributes assets to insiders in excess of the fair market value of the serv-ices rendered, the organization can lose its tax exempt status . . . This sum-mer (2004), we are launching a comprehensive enforcement project toexplore the seemingly high compensation paid to individuals associated withsome exempt organizations. This is an aggressive program that will includeboth traditional examinations and correspondence compliance checks . . .These organizations need to know that their decisions will be reviewed byregulatory authorities . . . Organizations also will be asked for details con-cerning the independence of the governing body that approved the com-pensation and details of the duties and responsibilities of these managerswith respect to the organization. Other stages will follow, and will includelooking at various kinds of insider transactions, such as loans or sales to ex-ecutives and officers.

[Form 990] We also will be looking at organizations that failed to, or didnot fully complete, compensation information on Form 990. This informa-tion will help inform the IRS about current practices of self-governance,both best practices and compliance gaps, and will help us focus our exami-nation program to address specific problem areas.

[Coordination with Other Federal Agencies] We work with other federalagencies in a number of areas. For example, we continue to engage in in-formation sharing with the FTC to learn more about the credit counselingindustry . . . We expect to continue this mutually beneficial relationship andfind other ways to leverage our scarce resources.

[Enhancing Governance—The Need for More Outreach] As I discussed above,stronger governance procedures are needed for exempt organizations. Thesanctions for serious lapses in governance are clear. There is the possibilityof revocation of exemption, along with the various excise taxes against in-dividuals that I mentioned before. But sanctions are a last resort . . . organi-zations without effective governance controls are more likely to havecompliance problems . . . [The IRS will] require disclosure of whether theorganization has a conflict of interest policy or an independent audit com-mittee, and whether additional disclosure should be required concerningcertain financial transactions or insider relationships . . . Our Form 990 revi-


ch01_4386.qxd 2/10/05 10:09 AM Page 16

sion team is working on a comprehensive overhaul of the form to providebetter compliance information about these organizations to the IRS, thestates, and the public . . .

[Vehicle Donations] For a taxpayer, donating a car to a charity has definiteappeal. One can help a charitable cause, dispose of the car, and take advan-tage of tax provisions that are designed to support the generosity of Ameri-cans. Deductions are limited to the fair market value of the property. In itsrecent study, the GAO estimated that about 4,300 charities have vehicle do-nation programs. In its review of returns for tax year 2000, the GAO esti-mated that about 733,000 taxpayers claimed deductions for donated vehiclesthey valued at $500 or more. Highly troubling is GAO’s analysis of 54 spe-cific donations, where it appears that the charity actually received less than10% of the value claimed on the donor’s return in more than half the cases,and actually lost money on some vehicles . . . we cannot ignore the clear im-plications of the study . . . We are educating donors and charities on whatconstitutes a well-run donation program . . . We will be partnering with thestates to distribute the brochures to the fundraising community, as the statesregulate fundraising activity.2

Staff Discussion Paper—Senate Finance Committee Subsequent tothe hearings and testimony, a staff discussion paper was released with rec-ommendations for closer regulation of nonprofits. Currently, these are sim-ply a series of recommendations by Congressional staff, but the tone andreach of the recommendations should be taken seriously by every nonprofitregardless of size.

The preface to the document instructs the reader that, “The documentreflects proposals for reforms and best practices in the area of tax-exemptorganizations based on staff investigations and research as well as propos-als from practitioners, officers and directors of charities, academia andother interested parties. This document is a work in progress and is meantto encourage and foster additional comments and suggestions as the Fi-nance Committee continues to consider possible legislation.” (SenateFinance Committee Staff Discussion Draft, p. 1, 2004.)

Some of the proposals in this document include:

Five-year review of tax-exempt status by the IRS. The staff discussion draftrecommends that:

On every fifth anniversary of the IRS’ determination of the tax-exempt status of an organization that is required to apply for such status,


ch01_4386.qxd 2/10/05 10:09 AM Page 17

the organization would be required to file with the IRS such informa-tion as would enable the IRS to determine whether the organizationcontinues to be organized and operated exclusively for an exempt pur-poses (i.e., whether the original determination letter should remain ineffect). Information to be filed would include current articles of incor-poration and by-laws, conflicts of interest policies, evidence of accredi-tation, management policies regarding best practices, a detailed narrativeabout the organization’s practices, and financial statements.

What would this mean for nonprofits? This recommendation would requirenonprofits to submit documentation every five years that proves to the IRSthat the organization continues to comply with its 501(c )(3) designation.

The list of documents specified here are particularly enlightening aboutthe intent of this proposal:

• Current articles of incorporation and by-laws. The nonprofit would needto be clear about how its operations and governance continues to bein harmony with its founding documents.

• Conflicts of interest policies. The nonprofit would have to provide evi-dence of a conflict of interest policy and, most likely, proof that boardmembers and senior management have completed annual affidavitsidentifying real or potential conflicts of interest.

• Evidence of accreditation. This document would be based on anotherrecommendation, which is that nonprofits be required to obtain spe-cific accreditation. (This recommendation is discussed later in thissection.)

• Management policies regarding best practices. The nonprofit would be re-quired to develop and submit written policies that demonstrate thatthe organization is implementing best practices in management andgovernance.

• A detailed narrative about the organization’s practices. This documentwould require the nonprofit to provide a detailed explanation aboutwhat the organization does, and why it is necessary/desirable in thecommunity.

• Financial statements. These financial statements would be supplemen-tal to the Form 990 that is required on an annual basis.


ch01_4386.qxd 2/10/05 10:09 AM Page 18

Form 990s—Proposals for Reform The staff discussion draft recom-mends that:

Improve quality and scope of form 990 and financial statements. In a report tothe Finance Committee, the General Accounting Office found signifi-cant problems in the accuracy and completeness of Form 990. Otherstudies, included by the General Accounting Office, have highlightedthat there are no common standards for filing Form 990 and thus simi-larly situated charities can have very different Form 990s. Because of thesignificant role played by Form 990 in public and governmental over-sight of tax-exempt organizations, some reforms are necessary to ensureaccurate, complete, timely, consistent, and informative reporting by ex-empt organizations.

What does this mean for nonprofits? The IRS recognizes that there are nocommon standards for completion of Form 990. The reform proposal seeksto identify reforms that will introduce a standardized way to submit Form990s.

Form 990s would require signature by CEO. Require that the CEO (orequivalent officer) of a tax-exempt organization sign a declaration underpenalties of perjury that the CEO has put in place processes and proce-dures to ensure that the organization’s Federal information return andtax return (including Form 990T) complies with the Internal RevenueCode and that the CEO was provided reasonable assurance of the accu-racy and completeness of all material aspects of the return. This declara-tion would be part of the information or tax return.

What does this mean for nonprofits? This proposal would require a non-profit CEO to sign an affidavit that under penalties of perjury . . . that the or-ganization’s Form 990 complies with the Internal Revenue Code and thatthe CEO is providing assurance of the accuracy and completeness of allmaterial aspects of the return. (The financials accurately reflect the finan-cial position of the nonprofit.) This affidavit would be part of the informa-tion or tax return.

Based on recent events in the nonprofit world, if this proposal was law,there would be some very high-profile nonprofit executives going to jail.The recommendation here is clearly that nonprofit executives and board


ch01_4386.qxd 2/10/05 10:09 AM Page 19

members should be held to the same criminal liability standards as those oftheir private sector counterparts.

Penalties for failure to file a complete and accurate Form 990. The present lawpenalty for failure to file or to include required information is $20/dayup to the lesser of $10,000 or 5 percent of gross receipts per return (in-creased to $100/day up to $50,000 per return for organizations withgross receipts over $1 million in a year). Under the proposal, the penaltyfor failure to file would be doubled, and for organizations with gross re-ceipts over $2 million per year, the present law penalty would be tripled.Failure to file a required Form 990 for two consecutive years (or forthree of four years) could result in loss of tax exemption, or other penal-ties such as loss of status as an organization to which deductible contri-butions may be made.

What does this mean for nonprofits? There will be severe penalties for fail-ing to file a Form 990. The proposals recommend loss of tax exemption,or loss of status as an organization to which deductible contributions maybe made. For a nonprofit, this means the organization can no longer telldonors that their contributions are tax exempt. In other words, the “non-profit” is out of business.

Required disclosure of performance goals, activities, and expenses in Form 990and in financial statements. Charitable organizations with over $250,000 ingross receipts would be required to include in Form 990 a detailed de-scription of the organization’s annual performance goals and measure-ments for meeting those goals (to be established by the board ofdirectors) for the past year and goals for the coming year. The purposeof this requirement would be to assist donors to better determine an or-ganization’s accomplishments and goals in deciding whether to donate,and not as a point of review by the IRS. Charitable organizations wouldbe required to disclose material changes in activities, operations, orstructure. Charitable organizations would be required to accurately re-port the charity’s expenses, including any joint cost allocations, in its fi-nancial statements and Form 990. Exempt organizations would berequired to report how often the board of directors met and how oftenthe board met, without the CEO (or equivalent) present.


ch01_4386.qxd 2/10/05 10:09 AM Page 20

What does this mean for nonprofits? Transparency is the predominanttheme of these recommendations. The Congressional staff may have beenspurred on by the volume of public complaints about nonprofit organiza-tions that, for every donor dollar, contribute very little to programs. In re-cent years, the media has conducted many investigations of bogus charities,and certainly, some charities that are “household names” have abuseddonor trust by misdirecting donations to exorbitant salaries, expenses, andother abuses. Note that these disclosures are required to be presented onForm 990. The accuracy of these disclosures could carry criminal liabilityif the other proposal on CEO signatures is enacted into law.

Nonprofits Would Be Required to Make Certain Documents PubliclyAvailable Public oversight is critical to ensuring that an exempt organi-zation continues to operate in accordance with its tax-exempt status. Forcharitable organizations, public oversight provides donors with vital infor-mation for determining which organizations have the programs and prac-tices that will ensure that contributions will be spent as intended. Oversightis facilitated under present law by mandated public disclosure of informationreturns and applications for tax-exempt status, but more can be done.

Disclosure of financial statements. Exempt organizations would be requiredto disclose to the public the organization’s financial statements.

Web site disclosure. Exempt organizations with a Web site would be re-quired to post on such site any return that is required to be made pub-lic by present law, the organization’s application for tax exemption, theorganization’s determination letter from the IRS, and the organization’sfinancial statements for the five most recent years.

What does this mean for nonprofits? Although the text recognizes that thereare current public oversight opportunities, the authors comment that thenonprofit world could be doing more to provide transparency. The recom-mendations are, again, aimed at ensuring that the public has access to infor-mation that would be vital to their making a decision to make a donation.Of particular note is the recommendation that the nonprofit’s Web site beemployed to present those documents currently required (Form 990), and:

• The organization’s application for tax exemption


ch01_4386.qxd 2/10/05 10:09 AM Page 21

• The organization’s determination letter from the IRS

• The organization’s financial statements from the five most recent years

Proposals Regarding Nonprofit Boards

Board Duties The duties of a board that are described in this documentwould also be the duties of a trustee for a charitable trust. A charitable or-ganization shall be managed by its board of directors or trustees (in the caseof a charitable trust). In performing duties, a board member has to performhis or her duties in good faith; with the care an ordinarily prudent person ina like position would exercise under similar circumstances; and in a mannerthe director reasonably believes to be in the best interests of the mission,goals, and purposes of the organization. An individual who has special skillsor expertise has a duty to use such skills or expertise. Federal liability forbreach of these duties would be established. Any compensation consultantto the charity must be hired by and report to the board, and must be inde-pendent. Compensation for all management positions must be approved an-nually and in advance unless there is no change in compensation other thanan inflation adjustment. Compensation arrangements must be explained andjustified and publicly disclosed (with such explanation) in a manner that canbe understood by an individual with a basic business background.

The board must establish basic organizational and management policiesand procedures of organization and review any proposed deviations. Theboard must establish, review, and approve program objectives and per-formance measures, and review and approve significant transactions. Theboard must review and approve the auditing and accounting principles andpractices used in preparing the organization’s financial statements, and mustretain and replace the organization’s independent auditor. An independentauditor must be hired by the board, and each such auditor may be retainedonly five years. The board must review and approve the organization’sbudget and financial objectives as well as significant investments, joint ven-tures, and business transactions. The board must oversee the conduct of thecorporation’s business and evaluate whether the business is being properlymanaged.

The board must establish a conflicts-of-interest policy (which would berequired to be disclosed with Form 990), and require a summary of con-flicts determinations made during the 990 reporting year. The board must


ch01_4386.qxd 2/10/05 10:09 AM Page 22

establish and oversee a compliance program to address regulatory and lia-bility concerns.

The board must establish procedures to address complaints and preventretaliation against whistleblowers. All of these requirements must be con-firmed on Form 990. Relaxation of certain of these rules might be appro-priate for smaller tax-exempt organizations.

Board Composition The board shall be comprised of no less than 3 mem-bers and no greater than 15.

What does this mean for the nonprofits? The proposals for reform indicatethat the traditional legal standards of care, loyalty, and obedience could beincorporated into a law governing board member behavior. The proposalclearly indicates that the board is regarded as the final authority in the man-agement of the nonprofit organization, and as such, will be held accountablefor the implementation of such policies as a Conflict of Interest policy anda Whistleblower Protection policy. Board size appears to be capped at 15,but the authors did not present clear reasons for this limitation.

The entire board could now be held directly accountable for the execu-tive director’s (ED) compensation package. Many nonprofit boards do nothave access to the compensation package of the ED, as this has come underthe exclusive purview of the board’s executive committee.

Proposals for Government Encouragement of Best Practices

Accreditation There would be an authorization of $10 million to the IRSto support accreditation of charities nationwide, in states, as well as ac-creditation of charities of particular classes (e.g., private foundations, landconservation groups, etc.). The IRS would have the authority to contractwith tax-exempt organizations that would create and manage an accredi-tation program to establish best practices and give accreditation to membersthat meet best practices and review organizations on an ongoing basis forcompliance. The IRS would have the authority to base charitable status orauthority of a charity to accept charitable donations on whether an organ-ization is accredited.

What does this mean for nonprofits? This proposal seeks to empower theIRS with the authority to require accreditation of nonprofits as a requisiteto accepting charitable donations. The authors are seeking to empower


ch01_4386.qxd 2/10/05 10:09 AM Page 23

the IRS to add another layer of compliance to the Form 990 proposals andfive-year reauthorization of nonprofits.

The staff discussion draft recommends the following oversight provisions:

• Establish Exempt Organization Hotline for reporting abuses by char-ities and complaints by donors and beneficiaries.

• Information sharing with State Attorneys General, the Federal TradeCommission (FTC), and the U.S. Postal Service for enforcement pur-poses, including referrals by the IRS and an annual report to Congressby the General Accounting Office of the results of such referrals.

The staff discussion draft recommends that:This proposal would establish a hotline for anyone anywhere to file

complaints about nonprofits and/or report abuses. Whether this is ananonymous hotline remains to be seen, but the authors appear to want tocollect this information at a national level. How the complaints and claimswould be investigated and by what agency remains to be seen.

California’s “Nonprofit Integrity Act” (SB1262)

Provisions That Apply to Nonprofits with Budgets in Excess of $2Million: The state of California passed a “Nonprofit Integrity Act” thatimposes many of the features of SOX on nonprofits with budgets in excessof $2 million operating in that state.

Some of the key provisions of this law include:

• Nonprofits will be required to have an annual audit performed by aCPA who is “independent” as defined by U.S. Government auditingstandards.

• The results of the audit will need to be made available to the publicand the Attorney General.

• Nonprofits will be required to have an audit committee whose mem-bership cannot include staff and must not overlap more than 50 per-cent with the finance committee; the audit committee can includemembers who are not on the organization’s board of directors.

What does this mean for nonprofits in California? To ensure greater ac-countability in executive compensation, the law requires that the board ap-


ch01_4386.qxd 2/10/05 10:09 AM Page 24

prove the compensation, including benefits, of the corporation’s presidentor CEO, and its treasurer or CFO, for the purposes of assuring that theseexecutives’ compensation packages are reasonable.

What does this mean for nonprofits in California? Requires disclosure ofwritten contracts between commercial fundraisers and nonprofits and avail-able for review on demand from the Attorney General’s office. Fundrais-ers must be registered with the Attorney General’s office.

The following points in the law apply to all nonprofits, regardless of size,in California:

• Make their audits available to the public on the same basis as their IRSForm 990 if they prepare financial statements that are audited by aCPA.

• Except for emergencies, notice of a solicitation campaign by a “com-mercial fundraiser for charitable purposes” must be filed at least 10days before the commencement of the solicitation campaign, events,or other services. Each contract must be signed by an official of thenonprofit, and include the contract provisions specified in the law.

• Regarding fundraising activities, the law states that a nonprofit mustnot misrepresent or mislead anyone about its purpose, or the nature,purpose, or beneficiary of a solicitation. Further, the law specifies thatthere be specific disclosures in any solicitation that the funds raisedwill be used for the charitable purpose as expressed in articles of in-corporation or other governing documents. The nonprofit is ex-pected to ensure that fundraising activities are adequately supervisedto ensure that contracts and agreements are in order and that fundrais-ing is conducted without intimidation or undue influence.

What does this mean for nonprofits in California? Nonprofits in California,regardless of their size, need to review their fundraising practices, particu-larly if some or all of their fundraising is outsourced to commercialfundraising firms. Nonprofits will be liable for abuses by vendors offundraising services. As a practical matter, boards should insist that due dili-gence activities be conducted before contracting with any vendor, partic-ularly those providing fundraising services. The California law, however,places strict parameters around third-party fundraising.

conclusion 25

ch01_4386.qxd 2/10/05 10:09 AM Page 25

Conclusion

The legislative environment is emphasizing greater accountability for boththe private and independent (nonprofit) sectors of the economy. As wasseen in the California law, the best practices that emerged from the federallegislation are now being applied to nonprofits. Although California is oneof the first states to enact such a law, other states such as New York areconsidering similar laws. In each of the chapters in this book, we focus onthe provisions of SOX that directly apply to nonprofit organizations,and those provisions that could serve as “best practices” for the nonprofitsector.

Endnotes1. “Financial irregularities prompt shakeups at Beard Foundation,” San Francisco Chronicle

(September 15, 2004).2. Mark W. Everson, testimony before the U.S. Senate Finance Committee, Washington,

DC, June 2004.


ch01_4386.qxd 2/10/05 10:09 AM Page 26

27

Safeguarding Your Nonprofit’sFinancial Resources and Assets:Establishing AuditorIndependence and AuditCommittee Competence

Barbara and Phil, two board members of a small nonprofit, were dis-cussing the latest disaster to hit the organization. After filing Form 990, thetax return most nonprofits prepare for the IRS, the nonprofit was notifiedby the IRS that it had several serious questions about some of the items re-ported on the form. If the nonprofit could not satisfactorily respond tothese questions, it was at risk of losing its tax exemption status. “I don’t un-derstand how this could have happened,” exclaimed Phil. “Our ED alwaysprepares the statements and then they are audited. We’ve always receivedgood reports from our auditor; why weren’t these problems found in theaudit?” Barbara shook her head. “I don’t understand it either. We’ve usedthe same auditor for the last 15 years and he works very closely with theED on all of our financial statements. If I recall correctly, the auditor wasone of our senior staff members before he left to join the accounting firm.When the ED hired him as our auditor, we all thought it was a great ideato work with someone who already had a good relationship with the ED

Chapter 2

ch02_4386.qxd 2/10/05 10:10 AM Page 27

and knew the workings of our organization. We do a lot of work with thisauditor; just last year, he helped us design our record keeping and ac-counting systems and he’s been working with the ED to help conduct theinternal audit of the financial statements.” “Yes,” said Phil, “this auditorhas also been a big help to the finance committee. None of us is an ac-countant or deals with financial statements in our work, so it was a big re-lief to turn all of the financial statements over to the auditor and the ED.We thought it would be better to let the professionals deal with it, insteadof us trying to figure out all the financial information.” “Well, said Barbara,“I’m certainly not looking forward to this emergency board meetingtonight. I’m sure it’s not going to be pretty.”

Where did this nonprofit organization go wrong? Could this disasterhave been avoided?

SOX Titles II and III

Both Barbara and Phil are apparently unaware of their fiduciary responsi-bilities and their legal liability for performing those responsibilities well.The best practices that can be derived from SOX Titles II and III wouldhelp Barbara and Phil better understand and meet their responsibilities.Title II of SOX primarily concerns the requirement that the auditor be in-dependent from the organization being audited. As discussed in Chapter 1,one of the main alleged causes of the Enron debacle was Enron’s inappro-priate relationship with its auditor, the CPA firm of Arthur Andersen LLP.Allegedly, Arthur Andersen LLP was biased toward giving Enron’s finan-cial statements a clean bill of health due to the highly profitable consultingrelationship the firm had with Enron. To preserve this lucrative relation,the firm may have overlooked errors and misleading information inEnron’s financial statements. To get a critical review of the financial state-ments, it should be apparent that having an independent auditor is neces-sary. Title II also contains the legal requirements and responsibilities for theaudit committee of the organization being audited. Some of the primaryduties are the selection, compensation, and oversight of the auditor. Theaudit committee must frequently rotate auditors and ascertain that there isno conflict of interest. In addition, the audit committee must work withthe principal executive and financial officers to ensure that the organiza-tion’s internal financial control systems are in place and working well.

28 chapter 2 safeguarding your nonprofit’s assets

ch02_4386.qxd 2/10/05 10:10 AM Page 28

Although Titles II and III don’t legally apply to nonprofits, complyingwith them will help a nonprofit better manage its financial status, and couldultimately save the nonprofit from going “belly up”. Before Barbara andPhil can begin to apply Titles II and III, however, they need to become fi-nancially literate. In achieving financial literacy, this chapter and Chapters3 and 10 will be helpful to them and to you, too.

The Value of AccurateFinancial Statements

Financial statements present information about an organization’s financialresources and liabilities at a point in time, the results of its activities duringa particular period, and its flow of cash during that period. In the for-profitworld, these statements focus on information that is useful in making in-vestment and lending decisions. In the nonprofit world, they are useful forlenders, donors, funding organizations, and other stakeholders to ascertainthe financial viability of the nonprofit and to judge how well, or poorly,the nonprofit is being managed. In addition, the IRS requires nonprofits toreport financial information to determine if the nonprofit is eligible tokeep its tax-exempt status under section 501(c)(3) in the Internal RevenueCode. Having accurate financial statements is thus in the best interest ofany nonprofit! What can a nonprofit do to assure that its financial state-ments are accurate and in good order?

Financial statements should be prepared using a set of common groundrules, which have been developed over a period of many years, and arecalled generally accepted accounting principles (GAAP). GAAP includes therules and procedures that define accepted practice in the preparation of fi-nancial statements. Since the passage of the Securities Act of 1933 and theSecurities Exchange Act of 1934, the SEC has had the authority to set ac-counting standards for publicly held companies. However, the SEC tradi-tionally has relied on private sector bodies such as the Financial AccountingStandards Board (FASB) to make recommendations regarding accountingstandards. The FASB also sets the accounting standards for nonprofit or-ganizations. For example, FASB Standard No. 117 established the requiredformat and content for the general-purpose external financial statementsprovided by a nonprofit organization. Two objectives of the standard areto increase the comparability of nonprofit financial statements with those

the value of accurate financial statements 29

ch02_4386.qxd 2/10/05 10:10 AM Page 29

issued by for-profit organizations and to increase the usefulness of the state-ments to external users. FASB Standard No. 116 outlines the reporting re-quirements for contributions made to and from the nonprofit, andestablished three categories of contributions—unrestricted, temporarily re-stricted, and permanently restricted. Adhering to GAAP is one of the firststeps in effective financial reporting that a nonprofit can take.

The Importance of a Good Audit

Since potential lenders, donors, funding organizations, and other stake-holders use the financial statements to make decisions about a nonprofit’sfinancial health, it is important that the statements present an accurate rep-resentation of the nonprofit’s financial status. Otherwise, the stakeholdersof the nonprofit may make poor decisions about making loans, giving con-tributions, or providing funding. One way of increasing the likelihood ofaccuracy is to have the statements audited. An audit is the examination ofthe financial statements by an independent public accounting firm in orderto form an opinion regarding the statements’ adherence to GAAP. Thistype of audit is an external audit, as the individual performing the auditshould not be directly connected with the organization being audited.Once the audit is complete, the auditor prepares the auditor’s report,which contains the auditor’s opinion regarding the financial statements.The auditor’s report is also known as the “Report of IndependentAccountants.”

What Are the Types of Opinions and What Do They Mean?

The auditor’s opinion can be one of five different opinions: unqualified,unqualified with explanatory language, qualified, adverse, or disclaimer ofopinion. The unqualified opinion is regarded as a clean bill of health,where the auditor makes no exceptions and does not include qualificationsin the report. An unqualified opinion should only be made when the in-dependent auditor deems that the financial statements were made in ac-cordance with GAAP, that GAAP were applied in a consistent basis, andthat the statements include all of the information necessary to make thestatements accurate. If circumstances require an auditor to add clarifyinglanguage to the standard report, the opinion is not considered qualified but


ch02_4386.qxd 2/10/05 10:10 AM Page 30

rather unqualified with explanatory language. Adding the additional lan-guage is not regarded as a qualification since the inclusion of explanatorylanguage serves to advise the readers or users of the statements.

Auditors add explanatory language to an unqualified opinion for the fol-lowing reasons:

• To emphasize a particular matter or circumstance

• To justify a departure from GAAP

• To highlight an uncertainty that could have a significant effect on thefinancial statements

For example, the auditor may want to draw attention to the fact that theorganization is facing significant litigation, or has a trend of losing moneyfrom operations. The auditor may include explanatory language if there isa question about the quality of the records or supporting documentation.

Qualified opinions may be broadly classified into two categories—qual-ifications that relate to a limitation of the examination, and qualificationswith respect to the exceptions in presentation in accordance with GAAP.The limitation or exception must be significant but not so material as toovershadow an overall opinion of the financial statements. The qualifiedreports include a separate explanatory paragraph before the opinion para-graph disclosing the reasons for the qualification. The qualified opinionshould be viewed as a warning or alert to individuals using the financialstatements.

An adverse opinion is the opposite of an unqualified opinion; it is anopinion that the financial statements do not present fairly the financial po-sition, results of operations, and cash flow of the company, in conformitywith GAAP. An auditor should express an adverse opinion if the statementsare so lacking in fairness that a qualified opinion would not be warningenough. Whenever the auditor issues an adverse opinion, he or she shoulddisclose in a separate paragraph of the report the reasons for the adverseopinion. The paragraph should also discuss the principal effects the cir-cumstances triggering the adverse opinion have on the interpretation of thefinancial statements.

A disclaimer of opinion is basically the same as no opinion. This type ofreport results from very significant limitations in the scope of the auditors’examination or limitations that are imposed by the client. If the auditor

the importance of a good audit 31

ch02_4386.qxd 2/10/05 10:10 AM Page 31

cannot evaluate the fairness of the statements, he or she should issue a dis-claimer of opinion.

The Board’s ResponsibilityRegarding the FinancialStatements

Although members of the management team typically prepare the financialstatements, it is the board’s responsibility to review and evaluate the state-ments. Most boards delegate this oversight responsibility to a committeewithin the board. In pubic organizations, this responsibility has increasinglyfallen to the audit committee whose major task is to monitor the prepara-tion and auditing of financial statements. In nonprofit organizations, theseresponsibilities typically fall to the finance committee, which has a broadercharge. Since preserving the integrity of the financial statements is such animportant responsibility, a nonprofit organization should consider forminga separate audit committee that can focus on the organization’s financial re-porting practices, work directly with the external auditor, and developpolicies to enhance the organization’s internal accounting system.

Establishing an Appropriate Relationship with the Auditor

Prior to the accounting scandals at organizations such as Enron and World-Com, many nonprofit board members erroneously believed that having theaccounting auditors give the financial statements an unqualified opinionwas all that was necessary to oversee the financial activities and safeguard as-sets. Now, however, many realize that putting absolute trust in the externalauditor’s report is imprudent and may put the organization at financial risk.In the best-case scenario, the auditor’s opinion regarding the financial state-ments is only an independent opinion regarding the degree to which the fi-nancial statements fairly present the organization’s financial position for adefined accounting period. “Fairness” in this case means that the auditorfound no evidence that there was any substantial inaccuracy in the financialstatements and that the statements comply with GAAP. If the statementswere fair, a reasonable person reading the financial statements would notdraw incorrect conclusions about the financial position of the organization.Having an unqualified audit does not mean that the organization is neces-


ch02_4386.qxd 2/10/05 10:10 AM Page 32

sarily in a good financial position; it only means that the financial statementsfairly present the position, whatever that position may be.

In the worst-case scenario, the auditor’s opinion may be biased, not ob-jective, and not independent of the organization being audited. The audi-tor may have an incentive to misrepresent the fairness of the financialstatements. For example, if the auditing firm performing the audit also re-ceives substantial compensation for providing consulting, tax work, orother services to the nonprofit, the audit may be biased to reflect a morepositive financial position than exists. In recent years, several accountingfirms such as Price Waterhouse, Ernst & Young, and Arthur Andersen havebeen involved in lawsuit cases that alleged biased auditors’ reports. Biasedauditor reports can also occur when a too cozy relationship exists betweenthe management of the nonprofit and the auditor. The loyalty of the audi-tor may lie with the ED instead of with the board, and the auditor’s eval-uation of the statements may be biased by that loyalty.

Titles II and III of SOX seek to assure the independence of the auditorand the independence and competence of the members of the audit com-mittee. In addition, SOX requires that the audit committee have at leastone member who qualifies as a financial expert. Part of establishing the in-dependence of the auditor limits the amount of non-audit services the au-ditor may provide and requires the mandatory rotation of the lead audit orcoordinating partner every five years. SOX also prohibits any officer or di-rector of the organization to influence, coerce, manipulate, or mislead anyauditor working on the audit of a company’s financial statements for thepurpose of rendering the statements materially misleading. In addition, aregistered public accounting firm is not allowed to provide audit services ifthe company’s CEO, CFO, chief accounting officer, or any equivalentemployee was employed by the auditing firm and participated in the auditof the company in the previous year.

Restriction of Auditor Services As we discussed in Chapter 1, only ac-counting firms that have been registered by the PCAOB and adhere to itsrequirements are allowed to audit companies registered with the SEC. Thelist of consulting services that auditors may offer their public company auditclients has been drastically reduced by the PCAOB. The limitation on thetypes of services that are permissible strengthens auditor independence

the board’s financial statement responsibility 33

ch02_4386.qxd 2/10/05 10:10 AM Page 33

from corporate management and helps prevent auditors from controlling acompany’s entire financial reporting process by designing the internal auditsystem and then theoretically offering an unbiased opinion. Although theselimitations currently only apply to publicly traded companies, the practiceof restricting auditors solely to auditing services is a best practice that non-profits should adopt.

The following is a list of the types of services that an auditor may notprovide to publicly traded companies. Nonprofits should consider the typesof services that their current auditors are providing and compare them tothe services on the list. The more consulting services that an auditing firmprovides to a nonprofit, the greater the potential loss of objectivity. A reg-istered public accounting firm must receive advance approval from thecompany’s audit committee before it can perform any audit and non-auditservice. A registered public accounting firm may not provide the follow-ing accounting services for public companies simultaneously with an audit:

• Bookkeeping or other services related to the accounting records orfinancial statements

• Design or implementation of financial information systems

• Appraisal or valuation services, fairness opinions, or contribution-in-kind reports

• Actuarial services

• Internal audit outsourcing services

• Management or human resources functions

• Broker, dealer, investment advisor, or investment banking services

• Legal services and expert services unrelated to the audit

• Any other service that the PCAOB determines, by regulation, is notallowed

Imposed Requirements for the Audit Committee

SOX imposes the additional requirements and responsibilities on the auditcommittees of public companies. Again, these are currently only require-ments for the private sector, but the nonprofit world can benefit fromadopting these as best practices:


ch02_4386.qxd 2/10/05 10:10 AM Page 34

• The audit committee must be directly responsible for the appoint-ment, compensation, and oversight of the work of any registeredpublic accounting firm employed by the nonprofit in regard to theaudit or related work.

• The accounting firm must report directly to the audit committee, notto the ED.

• The audit committee must have at least one member who qualifies asa financial expert.

• An audit committee member may not accept any consulting, advi-sory, or other compensatory fee from the nonprofit, except in his orher capacity as a board or board committee member.

A public company must meet these audit committee requirements to belisted on the securities exchanges or the NASDAQ. A nonprofit shouldmeet these audit committee requirements to enhance its oversight andmanagement of the nonprofit’s assets. Having a well-functioning auditcommittee can demonstrate the nonprofit’s commitment to exercise duediligence regarding the review and evaluation of any financial informationthat is to be released to the organization’s stakeholders and the generalpublic.

Creating the Audit Committee in a Nonprofit

Based on these new responsibilities and requirements, what should a non-profit audit committee do? Who should serve on the audit committee?What skills and competencies should the audit committee members have?How involved should the audit committee be with the organization’s in-ternal accounting system? While each nonprofit must answer these ques-tions for itself, the following information provides some direction.

The nonprofit audit committee should be organized as a standing com-mittee of the board, and should only be comprised of board members, notany members of management. Of course, members of management willwork and frequently meet with the audit committee, but managementshould not be a part of the committee itself. An audit committee should belarge enough to have members who are financially literate, but not toolarge as to create paralysis. In addition, the audit committee should have at


ch02_4386.qxd 2/10/05 10:10 AM Page 35

least one member who qualifies as a financial expert. To qualify as a finan-cial expert, the individual should have:

• A clear understanding of GAAP and financial statements

• Experience in applying GAAP in connection with preparing or au-diting financial statements

• Familiarity with developing and implementing internal financial con-trols and procedures

To be considered financially literate, the audit committee membersshould be able to evaluate and interpret the four basic financial statements(balance sheet, statement of revenues and expenses, statement of changes innet assets, and statement of cash flows). What should a literate audit com-mittee member know about the financial statements? Knowing the basiccomponents of each of the statements and knowing how to analyze thestatements through horizontal, vertical, and ratio analyses will give eachcommittee member the ability to better evaluate and interpret the financialstatements. This will allow the committee member to judge the compe-tency of analyses performed by others, including the staff and managementmembers of the organization, the auditors, and any outside financial con-sultants. Even though the audit committee members should be financiallyliterate and bear the first-line responsibility for the preparation and audit-ing of the financial statements, the full board still has the ultimate fiduciaryresponsibility for the accuracy of any financial reporting. All board mem-bers should thus learn as much as they can about the financial statementsand how to evaluate them. Chapter 3 provides a good overview of the var-ious financial statements and how they can be evaluated.

Role of the Audit Committee In essence, the role of the nonprofitaudit committee is to oversee, monitor, and work collaboratively withmanagement to prepare financial statements and conduct internal audits ofthose statements. The committee also must oversee, monitor, and workcollaboratively with external auditors in conducting audits. In light of themany corporate and nonprofit financial scandals, the audit committee mustperform this role in a proactive manner. The audit committee needs tosafeguard the overall objectivity of the financial statements, financial re-porting, and the internal controls process. To do so, the audit committee


ch02_4386.qxd 2/10/05 10:10 AM Page 36

should ensure that effective internal control processes have been developedand fully implemented by management and staff. In addition, the auditcommittee should ascertain that all employees and managers involved inthe financial reporting and internal controls process understand their roles,and that they are fulfilling those roles. The audit committee also shouldwork closely with external auditors to identify and analyze financial re-porting problems, and then use that information to make policy recom-mendations to management and the rest of the board. In terms of theexternal auditor, the audit committee should have the authority and re-sponsibility to:

• Select the external auditor, keeping in mind that SOX best practicerequires that auditors be rotated at least every five years

• Approve all audit engagement fees and terms

• Approve significant non-audit engagements, keeping in mind thatthe more services an auditor provides to the nonprofit, the greater thepotential loss of objectivity

• Obtain information from the auditor to ascertain that the firm has theproper qualifications, has developed and implemented quality controlpolicies, and has the staff and resources to provide the professionalservices that the nonprofit needs

• Develop the auditor’s loyalty to the committee, while at the sametime encouraging an open and collaborative relationship between theauditor and management

• Review the recruitment, hiring, and staff training policies of theauditing firm

• Develop an overall audit plan with the auditor, including a timetableand the scope of the examination

• Meet with the external auditor to review the financial statements andthe audit results

• Prepare a report to the full board on the status of the financial state-ments, the results of the audit, and any policy recommendations theboard should consider

In reviewing the audit results with the external auditor, the committee’sprimary concern is the level of fairness in the financial statements. Do the


ch02_4386.qxd 2/10/05 10:10 AM Page 37

statements present fairly the nonprofit’s status in conformity with GAAP?Assuming that the statements are fair and in conformity with GAAP, thecommittee should next try to ascertain the auditor’s opinion about theeffectiveness of the nonprofit’s internal control processes and the overallaccounting system. Some questions the committee might want to ask theauditor include:

• Do you have any suggestions for improvements in accounting,reporting, or operating procedures?

• Was the management team cooperative and forthcoming withrequested information and documentation?

• How do our accounting policies and procedures compare with thoseof other comparable nonprofits?

• Are there any items that might be disputed by the IRS? If yes, whatdocumentation should be on hand to bolster the item?

• Assuming that the auditor performed the last year’s audit, did themanagement team follow the auditor’s suggestions in correctingweaknesses in the internal accounting system?

• Is there anything regarding the financial statements or the internalaccounting system that you believe should be brought to the board’sattention?

Conclusion

If the nonprofit has an effective audit committee, there should be an over-all improvement in financial record keeping and reporting, and manage-ment will be more diligent in developing and refining internal accountingcontrols. With an increased emphasis on financial reporting and evaluation,the nonprofit may become more effective in delivering its services. Andisn’t that what the nonprofit is supposed to be about?


ch02_4386.qxd 2/10/05 10:10 AM Page 38

39

Reading and InterpretingFinancial Statements

“What am I supposed to do with all of these forms and financial state-ments?” complained Jeff, the newest member of the board. “I don’t knowanything about accounting or finance, so how am I supposed to look at thisinformation and make any sense about how well we are doing? I’m not onthe audit committee and don’t want to be. Shouldn’t they be taking careof this; isn’t it their job? I don’t even know what half of these wordsmean—current accrued liabilities, unrestricted net assets, below the lineitems—it’s all Greek to me!” “I know,” said Mary. “It’s Greek to me too.I’ve been on the board for a couple of years and I still don’t understandwhy all of us even have to look at these materials. It seems to me that itshould be up to the audit committee and the ED to review and approvethese forms. Plus, I’ve heard that the IRS is now cracking down on theamount of compensation nonprofits give to members of the managementteam. How am I supposed to know what the right amount of salary andbenefits should be? That’s not my area of expertise! I guess the best thingfor you and me to do is what I’ve been doing ever since I joined the board.If the audit committee says the materials are OK, then I just go along withthem. I don’t waste my time trying to figure out all of these numbers.” “Iguess you’re right,” said Jeff. “That makes sense to me. To tell you thetruth, I don’t even balance my own checkbook every month; I’m just notthat good with numbers. As long as the audit committee approves them,what harm could there be in just following their lead?”

Chapter 3

ch03_4386.qxd 2/10/05 10:11 AM Page 39

Are Jeff and Mary right? What harm could there be in leaving the re-sponsibility to the audit committee? Why should all of the members of theboard be concerned about the finances and financial statements of theirnonprofit?

As discussed in Chapter 2, it is important that the audit committee hasat least one financial expert as a member and that the other committeemembers are financially literate. In addition, since having an audit com-mittee doesn’t relieve the rest of the board of its fiduciary responsibility re-garding the financial statements, it is advisable that every member of theboard has at least a basic level of financial literacy. Knowing the compo-nents of each of the four basic statements and knowing how to analyze thefinancial statements through horizontal, trend, and ratio analyses will giveeach board member the ability to better evaluate and interpret the finan-cial statements. Having this skill set will allow the board members to judgethe competency of analyses performed by others, including the nonprofit’sstaff and management. Although horizontal, trend, and ratio analyses maysound like Greek to you now, by the end of this chapter, you will have abetter understanding of these terms and how to use them.

This chapter discusses the four basic financial documents and the analy-ses that can provide the board with an indicator of the nonprofit’s currentfiscal “health.” The four basic statements include the balance sheet, thestatement of operations, the statement of changes in net assets, andthe statements of cash flows. There is another important financial reportthat most nonprofits must file annually with the IRS—Form 990 or Form990-EZ. This report contains a significant amount of financial informationabout the nonprofit, and the IRS uses the report to determine if the non-profit is still eligible for its tax-exempt status under section 501(c)(3) of theIRS Code.

The report is not only viewed by the IRS. IRS regulations require thatall nonprofits provide copies of the report to anyone who requests one.Individuals now do not even have to request a copy of the report directlyfrom the nonprofit. Since 1997, most of the reports are posted on theInternet by GuideStar and the National Center for Charitable Statistics, twononprofits based in Washington D.C. Anyone with an Internet connectioncan now view your nonprofit’s financial information, without the nonprofitever knowing! Members of the media, potential donors, and policymakers

40 chapter 3 interpreting financial statements

ch03_4386.qxd 2/10/05 10:11 AM Page 40

all have easy access to your nonprofit’s report. Since Form 990 and Form990-EZ provide information about a nonprofit’s financial condition, it isimportant that members of the board review them for completeness andcorrectness. We discuss Form 990 and Form 900-EZ in Chapter 4.

One more thing should be noted before we begin discussing the fourbasic financial statements. Two types of accounting may be used for finan-cial reporting—cash basis and accrual basis. In the cash basis of accounting,what is tracked is the flow of cash into and out of the organization. Trans-actions are not recognized as occurring until cash is received by the organ-ization or paid out by the organization. For example, an organizationwould recognize revenues only when the payment, or cash, was receivedfor delivering the good or service. Expenses are recognized as occurringonly when the organization actually pays for the resources used in its op-erations. This approach to accounting is similar to how people keep theirpersonal checkbooks and is fairly straightforward.

In the accrual basis of accounting, revenues are recognized when theyare earned, not when payment is received. Expenses are recognized as ex-penses when assets are used in the process of creating and delivering aservice or good, not when the costs of the assets are paid. This is not asstraightforward as the cash basis of accounting, but the accrual basis of ac-counting is the more generally accepted method, and provides more in-formation about an organization’s fiscal health that does the cash basis ofaccounting. For example, let’s assume that a nonprofit is using the cashbasis of accounting and has a very large bill due in December. Let’s alsoassume that what is owed is a very large amount, so large that it is doubt-ful that the nonprofit will be able to pay it in full. If you were a creditortrying to make a decision about whether you should extend credit to thenonprofit, you would want to know that the organization was close todefaulting on a debt. However, if you were examining the financial state-ments from September, October, and November, this debt would noteven appear, and you might think the organization was in better financialhealth than it actually is. Since the cash basis of accounting only reportscash when cash flows into or out of the organization, it only reports whathas happened, not what is going to happen in the future, even in the very nearfuture. It wouldn’t notify you that the organization has debt that it is notgoing to be able to pay.

interpreting financial statements 41

ch03_4386.qxd 2/10/05 10:11 AM Page 41

As well as not reflecting what debt an organization has, the cash basis ofaccounting also doesn’t reflect the amount of money that is owed to theorganization. For example, the organization may have extended credit toa number of its clients and is expecting to receive the payments within the30 thirty days, in the month of December. If you were a donor trying tomake a decision about whether you should make a donation to the non-profit, you would want to know that the organization has this money dueto it. However, if you were examining the financial statements from Sep-tember, October, and November, you would not know that the organiza-tion expects to receive payments in December. Your opinion about thefinancial standing of the nonprofit would be faulty and you might make anincorrect donation decision. Since the accrual basis of accounting is themore generally accepted form of accounting and it provides more infor-mation about an organization’s fiscal health, the financial statements pre-sented in this chapter are based on the accrual basis of accounting, not thecash basis.

Balance Sheet

As shown in Exhibit 3.1, the balance sheet presents the assets, liabilities,and the net assets of the nonprofit. In other words, the balance sheet pres-ents the resources the nonprofit owns, the debt it must pay, and the non-profit’s net worth. The balance sheet provides a snapshot of the nonprofit,as it captures what the nonprofit looks like at a particular point of time,generally the last day of the accounting period. Typical accounting periodsare monthly, quarterly, half-yearly, and yearly. The basis of the balancesheet is the basic accounting equation:

Assets = Liabilities + Net assets

Since the total of what the nonprofit owns equals the combined total ofthe nonprofit’s debt and the nonprofit’s worth (net assets), there must be abalance between the total assets and the total liabilities plus the net assets.In the for-profit world, net assets would be the same as owners’ equityor shareholders’ equity. The balance sheet will become more understand-able once we more thoroughly cover the definitions of assets, liabilities,and net assets.


ch03_4386.qxd 2/10/05 10:11 AM Page 42

Assets

Assets of the nonprofit are the resources it owns, both current and non-current. Examples of current assets include cash and cash equivalents, ac-counts receivables, and investments, all of which have a life of one year orless. Examples of “cash equivalents” would be a savings account or amoney market account, where the funds are easily and quickly available.Accounts receivable are the amounts due to the nonprofit from sales or de-livery of services. If a client does not pay what is owed at the time the client

balance sheet 43

sample balance sheet for the Exh ib i t 3 . 1per iod end ing december 31, 20X1

ASSETS LIABILITIES

Current Assets Current LiabilitiesCash and Cash Equivalents 4,258 Long-Term Debt, Current 1,470Short-Term Investments 9,136 Accounts Payable 2,817Net Accounts Receivable 15,020 Wages and Salaries Payable 3,001Supplies 1,997 Supplies Payable 2,143Prepaid Expenses 670 Utilities Payable 1,969Other 783

Total Current Assets 31,864 Total Current Liabilities 11,400

Non-Current Assets Non-Current AssetsNet Property and Equipment 49,358 Long-Term Debt, Net 20,100Long-Term Investments 16,979 Other 6,997Assets Limited as to Use 10,470Other 6,375

Total Non-Current Assets 83,182 Total Non-Current Assets 27,097

TOTAL ASSETS 115,046 TOTAL LIABILITIES 38,497

NET ASSETS

Unrestricted 67,720Temporarily Restricted 3,216Permanently Restricted 5,613

TOTAL NET ASSETS 76,549

TOTAL LIABILITIESAND NET ASSETS 115,046

ch03_4386.qxd 2/10/05 10:11 AM Page 43

purchases the good or service, the client should be billed, or invoiced, forthe amount owed. All of these invoices are the value of accounts receiv-able; the nonprofit owns the “right” to collect these amounts, and expectsto be paid within a relatively short time period. An example of a currentinvestment would include a six-month certificate of deposit owned by thenonprofit. It is current because it has a “life” of less than one year, and canbe converted into cash at the end of its six-month life

Non-current assets include assets with a life greater than one year, suchas property and equipment. For example, the building owned by the non-profit is a non-current asset as the nonprofit expects to be able to use thebuilding for more than one year. Computer equipment is also a good ex-ample of a non-current asset. The IRS views most computer equipment ashaving a “life” of greater than one year, and most nonprofits use their com-puter equipment for several years. A term that is used interchangeably fornon-current is long-term. Likewise, the term short-term can be used insteadof current.

Liabilities

Liabilities are the obligations of the nonprofit to pay its creditors. As withassets, liabilities are divided into two categories: current and non-current.Examples of current liabilities include accounts payable, notes payable, andlabor payable. Accounts payable contains the value of money owed forgoods, services, and supplies the nonprofit has purchased, but has not yetpaid for. It can also contain other obligations such as insurance or intereston a loan, both of which must be paid within one year. Notes payable con-tains the value of loans, notes, or other short-term obligations that arepayable to a bank or other financial institutions, all of which must be paidwithin one year. Labor payable is the sum of all of the wages and/or salariesthat a nonprofit owes its staff. If a nonprofit doesn’t pay its wages/salariespayable in a short amount of time, it isn’t going to keep its employees forvery long, so it makes sense that labor payable is a current liability! As in thecase of current assets, “current” for liabilities are liabilities that should bepaid in one year or less; conversely, non-current liabilities are liabilities thathave a payment life of more than one year. Examples of non-current lia-bilities are mortgages payable and bonds payable. These liabilities can havea life of 15 to 30 years, or longer.


ch03_4386.qxd 2/10/05 10:11 AM Page 44

Net Assets

The net assets of a nonprofit are defined in a simple restatement of the basicaccounting equation:

Net assets = Assets – Liabilities

As discussed earlier, assets are the resources owned by the organization,and the liabilities are the total obligations, or debt. Once the liabilities aresubtracted from the assets, what are left over are the net assets. The net as-sets can be thought of as the “net worth” of the nonprofit. Nonprofits areexempt from taxes, and in exchange for this exemption, the nonprofitis “owned” by the community in which the nonprofit resides and bythe clientele it serves. The net assets are the community’s interest, orownership, of the assets of the nonprofit. In a for-profit organization, thisportion of the nonprofit is referred to as “owners’ equity” or “shareholders’equity.” In a for-profit organization, the owners’ equity or sharehold-ers’ equity can be distributed to the owners or shareholders, since they di-rectly own the equity. In a nonprofit organization, the net assets are notdistributed to the owners, but rather are used to increase services or growthe organization. Thus, the community and the clientele benefit from thenet assets, even though they are not directly distributed. In the past, theterm fund balance was used in nonprofit to indicate the net assets; however,that term is rarely used now. In a nonprofit, the community and the clien-tele “own” the nonprofit, and the net assets are the quantifiable reflectionof that ownership.

The net assets are generally categorized into three classifications:

1. Unrestricted net assets

2. Temporarily restricted net assets

3. Permanently restricted net assets

Unrestricted net assets are the dollar value of net assets where there is norestriction on how the net asset can be used. For example, if a donor con-tributes $10,000 to the nonprofit and does not specify how the donationmust be used, that donation would become a part of unrestricted net assets.Unrestricted net assets do not have any stipulations or restrictions for theiruse, other than legal or ethical considerations. Temporarily restricted net

balance sheet 45

ch03_4386.qxd 2/10/05 10:11 AM Page 45

assets reflect the dollar value of net assets that have a restriction on their use,but that restriction has a time limit. For example, a donor may give land tothe nonprofit with the stipulation, or restriction, that the land cannot besold for five years. Since the land has a temporary restriction on its use, itis a part of temporarily restricted net assets. Once the time period for therestriction passes, the land is no longer a part of temporarily restricted netassets and becomes a part of unrestricted net assets. Permanently restrictednet assets are net assets that have restrictions on their use, and that restric-tion does not have a time limit. An example of a permanently restricted netasset is an endowment that allows the nonprofit to spend the interest, butnever any of the principal.

For those of you who would like more information on the balance sheet,please refer to Appendix A. All of the items on the sample balance sheet aremore thoroughly explained.

Statement of Operations

As discussed, the balance sheet presents a snapshot of the nonprofit at a spe-cific point in time. The statement of operations is different in that it is asummary of the nonprofit’s expenses and revenue, gains, and other supportover a period of time. As can be seen in Exhibit 3.2, the statement of op-erations contains the expenses and revenues, gains, and other support overthe entire accounting period, not just at the end of the accounting period.In the for-profit world, this statement is typically called the “income state-ment” or the “profit and loss (P & L) statement.” The basic formula for thestatement of operations is:

Revenues, gains, and other support – Expenses= Excess of revenues, gains and other support over expenses

In a nonprofit, a positive difference between revenues, gains, and othersupport and expenses is not considered profit, but rather an increase in thenet assets. In the for-profit world, profits are distributed to the owners ofthe for-profit; in a nonprofit, the excess of revenues, gains, and other sup-port over expenses should be used to generate more programs or servicesfor the nonprofit’s clientele. If they are not used to generate more programsor services, they become a part of the net assets of the nonprofit, and in-crease the nonprofit’s overall net worth.


ch03_4386.qxd 2/10/05 10:11 AM Page 46

Revenues, Gains, and Other Support

Revenues are amounts earned by the nonprofit by selling a product or pro-viding a service. For example, if your nonprofit were a hospital, it wouldearn revenues whenever it delivered hospital services to its patients. Gainsoccur when assets are sold for more than their book value. For example, ifthe nonprofit owns property and sells that property for an amount greaterthan the property’s original purchase or donation value, the nonprofit hasincurred a gain. Other support includes unrestricted donations, donationsreleased from restriction, and appropriations from governmental nonprof-its or other grant-making nonprofits.

statement of operations 47

sample statement of operationsExhibit 3.2for the period ending december 31, 20X1

Unrestricted Revenues, Gains, and Other Support

Net Program A Revenue 30,421Net Program B Revenue 33,620Net Program C Revenue 10,555Other Revenues 3,576Donor Contributions 20,735Net Assets Released from Restrictions for Operations 300

Total Revenues, Gains, and Other Support 99,207

Expenses

Wages and Salaries 59,751Supplies 10,635Utilities 8,059Transportation 14,985Depreciation 2,572Bad Debt 1,035Other Expenses 1,018Total Expenses 98,055Total Operating Income 1,152Non-Operating Income (Investment) 975Excess of Revenues over Expenses 2,127Change in Net Unrealized Gains and Losses 105Net Assets Released from Restrictions Used for Equipment Purchase 437

Increase in Unrestricted Net Assets 2,669

ch03_4386.qxd 2/10/05 10:11 AM Page 47

Expenses

Expenses are the “costs of doing business.” During the accounting period,the nonprofit has been selling goods and delivering services. To create thegoods that it sold and the services that it delivered, the nonprofit con-sumed, or used up, some of its assets. For example, if the nonprofit is pro-viding home-delivered meals, it will “use up” gas or electricity to cook thefood, the food supplies that are used in the meals, gasoline and wear andtear on the delivery vehicle, the amount of rent that the nonprofit pays forits offices and kitchens, and so forth

Other examples of expenses include salaries and benefits, insurance, de-preciation of equipment and other capital items, and the provision for baddebts. Salaries and benefits is the cost of the labor that the nonprofit usedduring the accounting period, and insurance is the cost the nonprofitpaid for insurance coverage used during the accounting period. Deprecia-tion of equipment and other capital items is the amount of usage of a long-term asset incurred during the accounting period. For example, if thenonprofit purchases computer equipment that it expects can be used forfive years, the nonprofit is “using up” that computer equipment over anextended period of time. Depreciation allows the nonprofit to recognizewhen it has used up some of the computer equipment. If the value of thecomputer equipment was $10,000 and it is expected to last for five years,then every year the nonprofit used up $2,000 worth of the equipment. The$2,000 becomes the depreciation expense for the year.

The provision for bad debts expense allows the nonprofit to recognizethat it will not receive some of the money that is owed to it from accountsreceivable. Some of the invoices will not be paid fully, and the nonprofithas to indicate the amount of bad debt that occurred during the time pe-riod. Writing off bad debt is an expense of doing business.

Below the Line Items

The statement of operations may also contain information on what areknown as “below the line items.” For example, donations that are madespecifically to acquire capital assets are not considered part of revenues,gains, and other support because their use is restricted to the purchase ofcapital assets. Another example of a below the line item are transfers to theparent organization (assuming there is one). The effect of these belowthe line items appear on the statement of operations, below the value of


ch03_4386.qxd 2/10/05 10:11 AM Page 48

excess of revenues, gains, and other support (hence the term below the lineitem). Below the line items directly affect the value of net assets, either pos-itively or negatively. The effect is positive if the below the line item reflectsan inflow of value to the nonprofit; conversely, the effect on the net assetsis negative if the below the line item reflects an outflow of value.

For those of you who would like more information on the statement ofoperations, please look in the Appendix A. All of the items on the samplestatement of operations are more thoroughly explained.

Statement of Changes inNet Assets

The purpose of the statement of changes in net assets is to account for anychanges in the net assets from one accounting period to the next. A sam-ple statement of changes in net assets is shown in Exhibit 3.3.

There are two reasons why the value of net assets would change:

1. Changes in unrestricted net assets

2. Changes in restricted net assets

Changes in unrestricted net assets flow directly from the statement ofoperations. If the excess of revenues, gains, and other support is positive,unrestricted net assets are increased. A positive change reflects that thenonprofit’s revenues, gains, and other support are greater than its expenses,and the amount of the unrestricted net assets is increased by that amount.In this case, the nonprofit is making a “profit.” Conversely, if the non-profit’s expenses are greater than its revenues, gains, and other support, theamount of the unrestricted net assets is decreased by that amount. In thiscase, the nonprofit is experiencing a “loss.”

As discussed previously, the statement of operations contains informa-tion in addition to the value of the excess of revenues, gains, and othersupport over expenses. These below the line items directly affect the valueof the unrestricted net assets, by either increasing or decreasing them.Changes in restricted net assets, through either a temporarily restricted ora permanently restricted donation, directly affect the value of the net assets.However, not all changes in restricted net assets change the value of netassets. For example, temporarily restricted assets are only restrictedfor a specific period of time. If the restriction period for any of the tem-porarily restricted net assets expires, the value of that net asset “moves” to

statement of changes in net assets 49

ch03_4386.qxd 2/10/05 10:11 AM Page 49

unrestricted net assets. Although the value of restricted net assets is re-duced, the value of net assets is not changed since the reduction is offset bythe increase in unrestricted net assets.

For those of you who would like more information on the statement ofchanges in net assets, please refer to the Appendix A. All of the items on thesample statement of changes in net assets are more thoroughly explained.

Statement of Cash Flows

The fourth basic financial statement is the statement of cash flows. Thisstatement answers the following questions:

• How much cash came into the organization and from where did thecash come?

• How much cash left the organization and where did the cash go?


sample statement of changes Exh ib i t 3 .3in net assets for the per iod end ing december 31, 20X1

Unrestricted Net Assets

Excess of Revenues over Expenses 2,127Change in Net Unrealized Gains and Losses 105Net Assets Released from Restrictions Used for Equipment Purchase 437

Increase (Decrease) in Unrestricted Net Assets 2,669

Temporarily Restricted Net Assets

Net Assets Released from Restrictions to be Used for Equipment Purchase (437)Net Assets Released from Restrictions for Operations (300)Net Unrealized Gains and Losses 575

Increase (Decrease) in Temporarily Restricted Net Assets (162)

Permanently Restricted Net Assets

Net Unrealized Gains and Losses 289Contributions for Endowment Funds 1,500

Increase (Decrease) in Permanently Restricted Net Assets 1,789

Total Increase (Decrease) in Net Assets 4,296Net Assets, Beginning of Month 72,253

Net Assets, End of Month 76,549

ch03_4386.qxd 2/10/05 10:11 AM Page 50

The statement of cash flows tracks cash flows from operating, investing,and financing activities. It captures the flow of cash into and out of the or-ganization during the accounting period. A sample statement of cash flowsin shown in Exhibit 3.4.

statement of cash flows 51

sample statement of cash Exh ib i t 3 .4flows for the per iod end ing december 31, 20X1

Cash Flows from Operating Activities

Change in Net Assets

Adjustments to Reconcile Changes in Net Assets toNet Cash Provided by Operating Activities: 4,896

Depreciation 2,572Net Unrealized Gains and Losses (971)Bad Debt 1,035Restricted Contributions Received (1,500)Increase (Decrease) in:

Net Accounts Receivable (6,544)Accounts Payable 2,000Wages and Salaries Payable 13,350Supplies Payable 1,477Utilities Payable 2,478Long-term debt, current 500

Net Cash Provided by Operating Activities 19,293

Cash Flows from Investing Activities

Purchases of Investment (5,175)Capital Expenditures (12,996)

Net Cash Flows Used in Investing Activities (18,171)

Cash Flows from Financing Activities

Increase in Long-Term Debt 5,100Payments on Long-Term Debt (3,512)

Net Cash Used in Financing Activities 1,588

Net Increase in Cash and Cash Equivalents 2,710

Cash and Cash Equivalent at Beginning of Year 1,548

Cash and Cash Equivalents at End of Year 4,258

ch03_4386.qxd 2/10/05 10:11 AM Page 51

Operating activities are the normal business activities in which the non-profit engages to generate revenues. Examples of operating activities are theselling of goods or the delivery of services. Investing activities includethe purchasing and selling of investments and the purchase or sale of capi-tal items, such as property or equipment. Financing activities include in-creasing or decreasing the amount of long-term debt, changes in net assets,and transfer to the parent organization (if there is one). The statement ofcash flows tracks the cash inflows and outflows from these activities andreports the net increase (or decrease) in cash and cash equivalents as the re-sult of these activities.

For those of you who would like more information on the statement ofcash flows, please refer to the Appendix A. All of the items on the samplestatement of cash flows are more thoroughly explained.

Financial Statement Analysis

Now that we’ve discussed the components of each of the financial state-ments, learning how to analyze the information contained in the statementsis the next step. The real value of financial statements for the nonprofit isthat they can be used to help predict the nonprofit’s future financial con-dition, and provide a view of the nonprofit’s current condition. Analyzingthe financial statements can help to answer the following questions:

• Has the nonprofit’s performance changed over the years? In whatdirection?

• Is the nonprofit generating enough excess of revenues, gains, andother support over expenses? Why or why not? Compared to othersimilar nonprofits, how well is this nonprofit faring?

• What percentage of the nonprofit’s net assets is permanently restricted,and how does that percentage compare to last year?

• How effective is the nonprofit in collecting what is owed to it? Howdoes the nonprofit compare to other similar nonprofits?

• Will the nonprofit be able to meet its debts in a timely manner?Compared to other similar nonprofits, is this nonprofit doing betteror worse?

• How efficiently is the nonprofit using its assets? Compared to othersimilar nonprofits, is improvement needed? If the nonprofit is using its


ch03_4386.qxd 2/10/05 10:11 AM Page 52

assets inefficiently, it is using more resources than are necessary to pro-duce and deliver its programs and services.

• Are the nonprofit’s facility and equipment in need of replacement?Does the nonprofit meet the standard for facility and equipment re-placement? If all of the nonprofit’s computer equipment is more thanfive years old, the nonprofit will soon have to replace that equipment.That could be a large expense for the nonprofit, and the board andmanagement should be aware of this upcoming expense.

• Is the nonprofit in a good position to take on additional debt, or is itoverextended? Compared to other similar nonprofits, does the non-profit have too much or too little debt? Having too much debt cancause repayment problems for a nonprofit, but having too little debtmeans that the nonprofit isn’t taking advantage of the leverage thatdebt can give.

Trend Analysis

A trend analysis allows you to look at changes in performance that have oc-curred over any number of years. You can compare the selected year to theprevious year, or you can compare the selected year to five years ago. Theyear that you are comparing to the selected year is called the “base year.”The formula for a trend analysis is:

((Selected year – Base year) / Base year) × 100

Here is an example of how you can use trend analysis. You know thatthe amount of revenues your nonprofit has is currently less than previousyears, and you are curious to see what the percentage change has been overprevious years. For example, in reviewing the nonprofit’s statement of op-erations for 2001, you note that the amount of revenues for the year was$10,589,145. From the statement of operations for 2004, you note that theamount of revenues was $15,832,163. Using the following formula, we candetermine the percentage change and the direction of the change:

(($10,589,145 – $15,832,163) / $15,832,163) × 100 = –33.1%

From 2004 to 2001, your revenues dropped 33.1%. Looking at the per-centage of change can be more helpful than simply comparing the raw

financial statement analysis 53

ch03_4386.qxd 2/10/05 10:11 AM Page 53

numbers, especially if the numbers are large. This analysis provides valuableinformation about the revenues and can be used as evidence to argue forrevenue-improvement activities.

Common-Size Analysis

Common-size analysis allows you to remove the dollar values from itemsand express the items as percentages of some whole item. For example,you may be interested in knowing the percentage allocation of currentand non-current assets over total assets. Once you have determined thatpercentage, you can compare it to previous years’ percentages, or you cancompare it to industry standards for your type of nonprofit. You can de-velop industry standards for your type of nonprofit by viewing thefinancial information provided in other nonprofits’ Form 990s or Form990-EZs. In this case, the current and non-current assets are the items ofinterest, and the total assets are the base item. Another example would beto determine the percentage makeup of net assets. What percentage of netassets is unrestricted; what percentage is temporally restricted; what per-centage is permanently restricted? In this case, net assets would be the baseitem, and the unrestricted, temporally restricted, and permanently restrictednet assets would be the items of interest. The formula for common-sizeanalysis is:

(Item of interest / Base item) × 100

Let’s assume that the value of current assets in 2004 was $1,972,185,the non-current assets totaled $9,361,382, and the total assets equaled$11,333,567. For the year 2004, the common-size analysis is:

($1,972,185 / $11,333,567) × 100 = 17.4%

($9,361,382 / $11,333,567) × 100 = 82.6%

Current assets make up 17.4 percent of total assets, and non-current as-sets make up 82.6 percent. You can compare the percentage allocation ofthe items of interest to previous years or to the industry standard to ascer-tain if there are any significant differences. If there are, you know thatworking on the allocation percentage of assets should be on the “to do” list.


ch03_4386.qxd 2/10/05 10:11 AM Page 54

Financial Ratios

Financial ratios allow a nonprofit to compare its current financial healthwith its own previous performance or to industry standards. Financial ratiosexpress the relationship between two numbers and basically pull togethertwo elements of the financial statements: one expressed as the numerator,and one as the denominator. Since Form 990 and Form 990-EZ contain alot of financial information, it is easy to develop industry standards byviewing the reports filed by nonprofits similar to yours and pulling out theneeded elements.

An almost unlimited number of financial ratios can be calculated, and wewill not, of course, be able to cover each possible ratio here. However, if youare able to calculate and interpret some ratios from each of the four commonclassifications of ratios, the job of analyzing the financial statements can moreeasily be accomplished. There are four general classifications of financial ra-tios: liquidity, profitability, asset management or activity, and capital struc-ture. The following sections describe the components of each and explainwhat board members should look for in terms of red flags.

• Liquidity ratios measure a nonprofit’s ability to meet short-term ob-ligations, collect receivables, and maintain sufficient cash on hand.Liquidity ratios help to answer the question, “How able is the non-profit to meet its short-term obligations and debt?”

• Profitability ratios help to answer the question, “Is the nonprofit gen-erating excess revenues over expenses?”

• Asset management or activity ratios help to answer two questions,“How efficiently is the nonprofit using its assets to produce revenues?”and “In view of current and projected revenues, is the amount of eachtype of asset reasonable, too high, or too low?”

• Debt management or capital structure ratios help to determine theextent to which a nonprofit uses debt to finance its assets. Theseratios help to answer the questions, “How are the nonprofit’s assetsfinanced?” and “How able is the nonprofit to take on new debt?”

Since ratio analysis can best be interpreted relative to a standard, ratioanalysis should thus be a comparative analysis. The standard may be thenonprofit’s past performance, a goal set by the nonprofit, or the averageperformance level in the industry or a group of equivalent nonprofits.


ch03_4386.qxd 2/10/05 10:11 AM Page 55

Trade associations frequently publish the financial ratios standards, orbenchmarks, for the nonprofits in the industry.

Liquidity Ratios Liquidity ratios reflect the ability of the nonprofit tomeet its current obligations, to pay bills that are due. If the nonprofit doesnot have enough cash on hand to pay its obligations when they come due,the nonprofit’s credit rating may be adversely affected, which could resultin a loss of credit, loss of vendor relationships, and loss of trade discounts.Frequently used liquidity ratios include:

• Current ratio

• Quick ratio

• Average collection period ratio

• Days cash on hand

• Average payment period

Current Ratio The current ratio reflects the short-term solvency of thenonprofit. The current ratio equals current assets divided by current liabil-ities. Both of these values can be found on the balance sheet.

Current assets / Current liabilities = Current ratio

Red Flag

If the current ratio = 1 or more, the nonprofit has sufficient current as-sets to meet its current liabilities. If the current ratio is less than 1, thenonprofit may experience difficulty in meeting its short-term obliga-tions. For example, if the current ratio = .45, for every $1 owed inshort-term obligations the nonprofit only has 45 cents to cover thoseobligations. In general, a nonprofit would like to be equal to or abovethe current ratio standard. If the current ratio is substantially greaterthan the standard, however, the nonprofit may be holding too muchcash on hand and should investigate longer term investments. If thenonprofit finds itself in a nonliquid position, it should develop and im-plement plans to either improve the flow of cash into the nonprofit orreduce its short-term obligations.


ch03_4386.qxd 2/10/05 10:11 AM Page 56

Quick Ratio The quick ratio is a more stringent indicator of liquidity, asit only uses the most liquid current assets in its formula. Assets that are cur-rent but are not immediately liquid are excluded, such as product inven-tory. The quick ratio equals cash plus short-term investments (also knownas cash equivalents) plus net accounts receivables divided by current liabil-ities. The values of these four accounts can be found on the balance sheet.

((Cash + Cash equivalents + Net accounts receivables) / Current liabilities) = Quick ratio


Red Flag

If the quick ratio equaled .50, for every $1 in current liabilities the non-profit only has 50 cents. If the quick ratio equaled 2.63, for every $1in current liabilities the nonprofit has $2.63. As in the case with thecurrent ratio, in general a nonprofit would like to be equal to or abovethe quick ratio standard, but not substantially above the standard. Anorganization does not want to be short of cash, but it also does notwant to have a lot of cash that is “sitting around and not working” forthe nonprofit.

Average Collection Period Ratio The average collection period ratio is ameasure of how long the average client or customer takes to pay the bill forservices or products sold. The quicker clients or customers pay their in-voices, the quicker the nonprofit is able to convert its receivables intocash. The days receivables equals net accounts receivables divided by netrevenues divided by 365. The value of net accounts receivables can befound on the balance sheet, and the value for net revenues can be found onthe statement of operations.

Net accounts receivables / (Net revenues / 365) = Average collection period ratio

ch03_4386.qxd 2/10/05 10:11 AM Page 57

Red Flag

The average collection period ratio should be equal to or below thestandard. For example, if the standard is 57 days, you would want youraverage collection period ratio to be equal to or less than 57 days. Ifthe nonprofit is not meeting the standard, it may be experiencing someliquidity problems and it is not earning any financial benefit from hav-ing unpaid invoices. Developing and implementing a plan to improvethe collections of receivables may improve the nonprofit’s liquidity po-sition by bringing cash more quickly into the nonprofit. If a nonprofitdoes not manage its accounts receivables well, it may not survive.


Days Cash on Hand Days cash on hand is a measure of how long the non-profit could meet its obligations if all cash receipts were discontinued. Dayscash on hand equals unrestricted cash and cash equivalents divided by ex-penses minus depreciation expense divided by 365. The values of unre-stricted cash and cash equivalents can be found on the balance sheet. Thevalues of expenses and depreciation expense can be found on the statementof operations.

(Unrestricted cash + Cash equivalents) / (Expenses – Depreciation expense / 365) = Days cash on hand ratio

Red Flag

In general, a nonprofit would like to be equal to or above the dayscash on hand ratio, but not substantially above the standard. If thedays cash on hand ratio is equal to 30 days, the nonprofit can survivelonger than if the ratio was equal to 3 days. The days cash on handratio can be improved by either increasing the inflow of cash or de-creasing the expenses. If the days cash on hand ratio is substantiallyabove the standard, the nonprofit may not be using its cash effectively.Remember, excessive cash on hand is cash that is not working for you!

ch03_4386.qxd 2/10/05 10:11 AM Page 58

Average Payment Period The average payment period is a measure of howlong it takes the nonprofit to pay its bills. Developing and keeping a goodcredit relationship with vendors and suppliers is critical to the financial wellbeing of the nonprofit, and the nonprofit should thus attempt to pay its billson time. The average payment period equals current liabilities divided byexpenses minus depreciation expense divided by 365. The value of currentliabilities can be found on the balance sheet, and the values of expenses anddepreciation expense can be found on the statement of operations.

Current liabilities / (Expenses – Depreciation expense / 365) = Average payment period


Red Flag

In general, the average payment period should be equal to or less thanthe standard. However, if the average payment period is substantiallybelow the standard or is substantially less than 30 days (the typicalnumber of days allowed to pay an invoice), the nonprofit may be pay-ing its bills too quickly and may be missing opportunities for short-term investment. It may also be that the nonprofit is paying its bills inless than 30 days in order to earn trade discounts, a reduction in theamount paid in exchange for early payment. One has to investigatethe cause of the ratio value before one can decide what action, if any,needs to be taken. The nonprofit wants to avoid the reputation ofbeing a slow payer, but it doesn’t want to give up cash sooner thannecessary!

Profitability Ratios The profitability ratios are all measures of the abil-ity of the nonprofit to produce a profit, or to generate excess revenues,gains, and other support over expenses. A nonprofit that is only breakingeven or, worse, suffering a loss, will not be able to expand its delivery ofservices. If the nonprofit experiences continued losses, it may not be ableto survive. Frequently used profitability ratios include:

• Operating margin

• Return on total assets

ch03_4386.qxd 2/10/05 10:11 AM Page 59

Operating Margin The operating margin measures the proportion of excessrevenues, gains, and other support over expenses earned for each dollarof revenues, gains, and other support. The operating margin equals excess ofrevenues, gains, and other support over expenses divided by revenues,gains, and other support. Both of these account values can be found on thestatement of operations.

Excess of revenues, gains, and other support over expenses / Revenues, gains, and other support = Operating margin


Red Flag

In general, a nonprofit would like to have an operating margin at orslightly above the standard. Although the mission of the nonprofit isnot to generate a profit or excess revenues, gains, and other supportover expenses, having a good operating margin can give the nonprofitthe financial ability to expand its delivery of services and to surviveleaner times in the future. However, if the operating margin were sub-stantially higher than the standard, the nonprofit may be charging toomuch for its services and products, and not meeting the needs of thecommunity. After all, the mission of the nonprofit is to serve its com-munity and clientele!

Return on Total Assets The return on total assets is a measure of howmuch “profit” is earned for each dollar invested in assets. The return ontotal assets equals the excess of revenues, gains, and other support over ex-penses divided by total assets. The value of revenues, gains, and other sup-port can be found on the statement of operations, and the value of totalassets can be found on the balance sheet.

Excess of revenues, gains, and other support over expenses / Total assets = Return on total assets

ch03_4386.qxd 2/10/05 10:11 AM Page 60

Red Flag

In general, a nonprofit would like to have a return on assets at orslightly above the standard. If the nonprofit is below the standard, itis not using its assets effectively, or it doesn’t have the right “mix” ofassets to effectively deliver services and generate excess revenues,gains, and other support. It may need to invest in capital items, suchas facility expansion or computer equipment, or it may need to divestitself of some of these items.


Asset Management Ratios The asset management ratios provide ameasure of how much in revenues, gain, and other support is generated foreach dollar invested in assets.

Asset management ratios include:

• Total asset turnover ratio

• Fixed assets turnover ratio

• Age of facility ratio

Total Asset Turnover Ratio The total asset turnover ratio measures theoverall efficiency of the nonprofit’s assets to produce revenues, gains,and other support. The total asset turnover ratio equals revenues, gains, andother support divided by total assets. The value of the revenues, gains,and other support can be found on the statement of operations, and thevalue of total assets can be found on the balance sheet.

Revenues, gains, and other support / Total assets = Total asset turnover ratio

Red Flag

In general, a nonprofit would like to have a total asset turnover ratioequal to or greater than the standard. The higher the ratio, the moreefficient the nonprofit is in its use of its assets. If the ratio is low, thenonprofit may have too much money invested in assets, or it couldbe that the nonprofit is not doing a good job in generating revenues,

ch03_4386.qxd 2/10/05 10:11 AM Page 61

gains, and other support. As with the other ratios, the total assetturnover ratio does not provide you with the answer to what is wrong,it simply alerts you to the fact that there is a problem in this area.


Fixed Assets Ratio If the nonprofit owns a facility or equipment, theseitems are called “fixed” assets. They are called “fixed” because an organi-zation would not be able to divest itself of these items quickly. The fixedassets turnover ratio is a measure of the nonprofit’s efficiency in usingits fixed assets of facility and equipment to produce revenues, gains, andother support. The fixed assets turnover ratio equals revenues, gains,and other support divided by facility and equipment minus accumulateddepreciation. The value of the revenues, gains, and other support can befound on the statement of operations, and the values of facility, equipment,and accumulated depreciation can be found on the balance sheet.

Revenues, gains, and other support / (Facility + equipment – accumulated depreciation)

= Fixed assets turnover ratio

Red Flag

In general, a nonprofit would like to have a fixed assets turnover ratioequal to or higher than the standard. If the ratio is substantially higherthan the standard, however, it may be an indication that the nonprofithas not invested enough in fixed assets and will need to upgrade itsfacility or equipment in the near future.

Age of Facility Ratio The age of facility ratio provides a measure of theaverage age of a nonprofit’s facility and equipment. The age of facilityratio equals accumulated depreciation divided by depreciation expense.The value of accumulated depreciation can be found on the balance

ch03_4386.qxd 2/10/05 10:11 AM Page 62

sheet, and the value of depreciation expense can be found on the state-ment of operations.

Accumulated depreciation / Depreciation expense = Age of facility ratio


Red Flag

In general, a nonprofit would like to be equal to or below the standard.If the ratio is substantially higher than the standard, it may indicatethat the nonprofit needs to replace its equipment or facility soon. Youwould rather know this sooner than later, since replacement or up-grades of equipment or the facility is a long process. Your nonprofitneeds to plan in advance for this.

Debt Management Ratios Debt management ratios reflect the non-profit’s long-term liquidity by quantifying the relationship between thenonprofit’s assets and its long-term debt. Did the nonprofit acquire most ofits assets through debt or through excess revenues, gains, and other supportover expenses? Debt management ratios also give an indication of a non-profit’s ability to cover its long-term debt and its ability to take on morelong-term debt. Debt management ratios include:

• Long-term debt to net assets ratio

• Times interest earned ratio

• Debt service coverage ratio

Long-Term Debt to Net Assets The long-term debt to net assets ratio is ameasure of the relationship between long-term debt and the assets ownedby the nonprofit. It is a reflection of the proportion of net assets that werefinanced through long-term debt. The long-term debt to net assets ratioequals the long-term debt divided by the net assets. The value of bothlong-term debt and net assets can be found on the balance sheet.

Long-term debt / Net assets = Long-term debt to net assets ratio

ch03_4386.qxd 2/10/05 10:11 AM Page 63

Red Flag

In general, a nonprofit would like to have a long-term debt to net as-sets ratio equal to or lower than the standard. Taking on too muchdebt may place the nonprofit in the risky position of not being able toeasily repay the debt. In addition, having too much debt may put thenonprofit in the position of not being able to take on additional debtwhen necessary. If the nonprofit has a very low long-term debt to netassets ratio, it may not be taking advantage of the leveraging powerthat long-term debt can give. If the nonprofit has been taking advan-tage of debt leveraging and still has a low ratio, it could also be an in-dication that the nonprofit has too many net assets and has notexpanded services as much as it could.


Times Interest Earned The times interest earned ratio is a measure of thenonprofit’s ability to meet its interest payments for long-term debt. Thetimes interest earned ratio equals the excess of revenues, gains, and othersupport over expenses plus interest expense divided by the interest ex-pense. The value of both excess of revenues, gains, and other supportover expenses and the interest expense can be found on the statement ofoperations.

(Excess of revenues, gains, and other support over expenses + Interest expense) / Interest expense = Times interest earned ratio

Red Flag

In general, a nonprofit would like to have a times interest earned ratioequal to or greater than the standard. The value of the times interestearned ratio is especially important if the nonprofit wants to take onmore long-term debt in the near future. Creditors and lenders use thetimes interest earned ratio to evaluate a nonprofit’s ability to repaydebt. If the ratio is too small, they may be reluctant to extend addi-tional funds.

ch03_4386.qxd 2/10/05 10:11 AM Page 64

Debt Service Coverage Ratio The debt service coverage ratio is a morestringent measure of a nonprofit’s ability to repay its long-term debt. Un-like the times interest earned ratio, the debt service coverage ratio does notjust measure the nonprofit’s ability to cover its interest expense. Instead,this ratio measures a nonprofit’s ability to meet its entire loan require-ments, principal plus interest. The debt service coverage ratio equals theexcess of revenues, gains, and other support over expenses plus interest ex-pense plus depreciation expense divided by the interest expense plus theprincipal payment. The value of the interest expense, depreciation ex-pense, and the excess of revenues, gains, and other support over expensescan be found on the statement of operations.

(Excess of revenues, gains, and other support over expenses + Interest expense + Depreciation expense) /

(Interest expense + Principal payment) = Debt service coverage ratio

conclusion 65

Red Flag

In general, a nonprofit would like to have a debt service coverage ratioequal to or greater than the standard. The greater the debt service cov-erage ratio, the better able the nonprofit is to handle additional long-term debt. As with the times interest earned ratio, a too low debtservice coverage ratio does not look very favorable to creditors andlenders.

Conclusion

If you use the information in this chapter when it is time to look at yourorganization’s financial statements, you should be able to make a more in-formed decision about the nonprofit’s financial standing. You will be ableto meet your fiduciary responsibilities and will no longer simply be “rubber-stamping” whatever the ED gives to you.

ch03_4386.qxd 2/10/05 10:11 AM Page 65

ch03_4386.qxd 2/10/05 10:11 AM Page 66

67

Form 990: UnnecessaryPaperwork or a Useful Tool?

Maria and Jose work in the finance department of a mid-sized non-profit. They are standing at the water fountain commiserating about all thework they have. “Well, I guess I better get busy working on that stupidForm 990,” said Maria to Jose. “I hate working on this report and it isreally a waste of my time. It’s not even important that the information onthe report is correct, since I bet no one really ever looks it. I’m sure theIRS is too busy monitoring tax returns to even review the Form 990s thatare sent to them. It’s just more unnecessary paperwork for us to handle.”“I didn’t know that no one really ever reviews the report,” said Jose. “Ifyou’re right, then why do you have to spend so much time on it? It seemslike you could just use rough estimates.” “That may be a good idea,” saidMaria. “I have plenty of more important work to do.”

Are Jose and Maria right? Should Maria focus more on the “importantwork” and put working on Form 990 at the bottom of her to-do list? IsForm 990 not worth the effort?

What Are Form 990 and Form 990-EZ?

As discussed in Chapter 3, nonprofits that are exempt from taxation underIRS Code 501(c)(3) are required to file either Form 990 or Form 990-EZwith the IRS. Form 990 is filed by nonprofits whose “normal” annual

Chapter 4

ch04_4386.qxd 2/10/05 10:13 AM Page 67

receipts total more than $25,000. A nonprofit is categorized as having nor-mal annual receipts greater than $25,000 if its receipts for the previousthree years average $25,000 per year or more. Form 990-EZ is filed bynonprofits whose normal annual receipts are smaller and whose assets totalless than $25,000. Since Form 990-EZ is simply a short-form Form 990,we use the term “Form 990” for the rest of this chapter. Private founda-tions are also required to file a report with the IRS—Form 990-PF—butthis form is not covered in this chapter.

Why Is Form 990 Important?

Form 990, “Return of Organization Exempt From Income Tax,” is filedby nonprofits that are tax-exempt under IRS Code 501(c)(3). The non-profit’s tax-exempt status is not a permanent status. If a nonprofit’s opera-tions no longer meet the requirements of IRS Code 501(c)(3), itstax-exempt status can be revoked by the IRS. Losing its tax-exempt statuswould be a deadly blow to most nonprofits! In addition to its IRS use,Form 990 is a primary piece of the annual reports that many nonprofits arerequired to submit to the state offices that regulate charitable solicitation.

Form 990 is available to entities other than the IRS and state regulators.Virtually anyone has the right to view your nonprofit’s Form 990. IRS reg-ulations now require nonprofits to provide a copy of the report for the lastthree previous years to anyone who requests one. However, Form 990 iseven more public than this. GuideStar and the National Center for Chari-table Statistics, two nonprofits based in Washington D.C., have posted non-profits’ Form 990s on the Internet since 1997. All it takes for any individualto view your nonprofit’s Form 990 is the desire to do so and an Internetconnection. Literally, an unlimited number of people could view your non-profit’s Form 990 at any time and without the nonprofit ever knowing! Theeasy availability of Form 990 could result in a public relations disaster foryour nonprofit if the Form 990 is sloppily prepared, contains misleading in-formation, or gives the impression that the nonprofit is misusing funds.However, the easy availability of Form 990 could be advantageous for thenonprofit if correctly presents the nonprofit and its program in an accurateand positive way. For example, potential donors and grant makers mightmake a positive decision about funding based on the information containedin Form 990. As another example, if members of the media are focusing on

68 chapter 4 form 990

ch04_4386.qxd 2/10/05 10:13 AM Page 68

your nonprofit, the nonprofit may be presented in a favorable light if itsForm 990 is complete and transparent.

Management’s Role in ImprovingForm 990: Creating a GoodInternal Control System

In the area of financial reporting, the SOX legislation requires public com-panies to have a good internal control system, perform periodic assessmentof the internal control system, have members of upper management certifythe accuracy of reports, and develop and use a code of ethics for seniorfinancial officers. All of these requirements can be viewed as pieces andresults of the internal control system. All of these requirements have appli-cation in nonprofits and will help an organization use its Form 990 as anadvantage. In addition to improving Form 990, having a good internalcontrol system will improve the integrity of all of the organization’s finan-cial statements discussed in Chapter 3. It is management’s role to create andimplement a good internal control system.

Most internal control systems have a set of features that shape the system.What are the features of a good internal control system? A good systemshould have a code of ethics, a solid accounting system, control activities,and monitoring activities.

Code of Ethics

The first feature of a good internal control system is the organization’sview of integrity and a sense of ethics. Members of senior management,such as the ED and the financial officers, ultimately have the responsibil-ity of the internal control system. The ED can have a significant impact onthe organization’s overall view of what constitutes acceptable practices.If the ED conveys to the rest of the nonprofit management and staff thatintegrity and a sense of ethics are valued qualities in the organization,adherence to any internal control system will be stronger than it wouldif the ED did not demonstrate a commitment to these qualities. In someof the scandals discussed in Chapter 1, management set an organizationaltone of deceit and greed, which may have fueled inappropriate behaviorat all levels of the organization. The SOX requirement of a code of ethicsdefinitely applies here!

management’s role in improving form 990 69

ch04_4386.qxd 2/10/05 10:13 AM Page 69

Accounting System

The accounting system used by the nonprofit exerts a lot of influence overthe integrity of financial reporting. Therefore, the accounting system canbe considered an important piece of the internal control system. The IRSprovides clear directions regarding specific categories and classes into whichrevenues and expenses must be allocated. Lines 1 to 11 of Part I on Form990 require revenues to be allocated across 10 specified categories:

1. Contributions, gifts, grants, and similar amounts

2. Program service

3. Membership dues and assessments

4. Interest on savings and temporary cash investments

5. Dividends and interest from securities

6. Rental

7. Sale of assets other than inventory

8. Special events and activities

9. Sale of inventory

10. Other

Lines 13 to 17 of Part A on Form 990 require that expenses be presentedas program expenses, management expenses, and fundraising expenses.

In addition to following Form 990’s categories of revenues and ex-penses, other information must be reported in a specific way. For example,in Part III of Form 990, the filer is required to report all of the programsand services that it provides, along with the expenses for each individualitem. In Part IV of the form, the filer must report net assets as unrestricted,temporarily restricted, or permanently restricted. Lines 45 to 58 in Part IVare the required categories for assets and are reported in order of their avail-ably of use.

It is unnecessary to cover all of the reporting requirements for Form990. The rest of the requirements can be easily found by looking at Form990 and reading the instructions provided by the IRS. The point is that asmart nonprofit will build its accounting system around the categories andclassifications that the IRS requires. If an organization knows what finan-cial information is required, it makes sense to have an accounting system


ch04_4386.qxd 2/10/05 10:13 AM Page 70

that tracks and reports this information. As a bonus, all of the IRS-requiredcategories and classifications can be used for the financial statements dis-cussed in Chapter 3.

Control Activities

Another critical feature of a good internal control system is its control ac-tivities. Control activities help ensure that all members of the managementteam and staff are following the nonprofit’s accounting, finance, andrecordkeeping polices and procedures. Each functional level throughoutthe nonprofit should have its own set of control activities that are relevantto the function and the level. Examples of control activities include segre-gation of duties (the person who writes checks should not be the same per-son who handles the invoices), authorizations, reviews of operatingperformance, and verifications.

Monitoring Activities

An essential feature of a good internal control system is its monitoring ac-tivities. Monitoring should be an essential part of general management andsupervisory activities and of the internal audit function of the organization.When a problem is detected in the system, the problem should be ad-dressed, and the problem and its solution should then be sent up the chainof command. Hiding problems isn’t an effective way of resolving them. Ifa problem is detected and resolved in one department, sending the infor-mation up the chain of command might benefit other functions or depart-ments of the nonprofit. Another department may have the same problem,but hasn’t detected it yet. Having this information moving freely thoughthe organization can benefit the entire organization. Learning aboutanother’s department problems or mistakes might help other departmentsdetect the same problem.

Certification by Upper Management

Under SOX, the CEO and the CFO in a public company are required tocertify that the financial statements are accurate and adhere to GAAP. Anonprofit can adapt this requirement by requiring that the senior manage-ment team certify the financial statements and Form 990 as a part of their

management’s role in improving form 990 71

ch04_4386.qxd 2/10/05 10:13 AM Page 71

job descriptions. If the management team has designed and implemented agood internal control system, including an internal audit, certifying thestatements should not be cause for alarm.

The Board’s Role in Form 990

The role of the board in improving Form 990 is basically the same as itsrole with the financial statements discussed in Chapter 3. In the board, theprimary responsibility for Form 990 would lie with the audit committee,but all board members should understand the purpose of Form 990, its re-quirements, and its importance to the well-being of the nonprofit. Re-viewing the form and reading the IRS instruction for it would alert theboard to Form 990’s requirements. In addition to verifying that Form 990has been completed accurately and in a timely manner by the managementand staff, there is some information in the form to which the board shouldpay particular attention. The board can use some of the financial analysistechniques discussed in Chapter 3 on some of the information in Form 990and evaluate the nonprofit’s performance in several areas. Examples wouldinclude the information regarding fundraising, salaries for key managersand staff members, and lobbying activities.

Fundraising

One of the specific categories of expenses on Form 990 is fundraising.Is the nonprofit spending too much on fundraising? Is the nonprofit earn-ing a good return for its fundraising efforts? Board members could an-swer these questions by comparing the nonprofit’s fundraising expenseswith its fundraising revenues. If the nonprofit is spending a significant per-centage of its fundraising revenues on its fundraising expenses, the non-profit may not be conducting fundraising as efficiently as it could. Afundraising efficiency ratio could be used to compare the nonprofits withthe industry standard. As in the case of the financial ratios discussed inChapter 3, all of the information that is needed to determine the industrystandard can be found in the Form 990s of similar nonprofits. As discussed,these forms are readily available. The formula for the fundraising effi-ciency ratio would be:

Fundraising revenues / Fundraising expenses = Fundraising efficiency ratio


ch04_4386.qxd 2/10/05 10:13 AM Page 72

If the fundraising efficiency ratio is equal to 2.67, then for every dollarspent for fundraising, the nonprofit gained $2.67. If the ratio is equal to 1,the nonprofit is making a dollar for every dollar spent for fundraising. If theratio is less than 1, say .25, the nonprofit is losing money in its fundraisingefforts. Using .25 as the ratio, for every dollar spent for fundraising, thenonprofit is only making 25 cents. In other words, the nonprofit is losing75 cents of every dollar spent. The value of the ratio, especially in com-parison with a standard from the industry or with a nonprofit’s fundraisingefficiency goal, would give the board some useful information regardingwhat the fundraising policies should be.

As discussed in Chapter 3, ratios can be created from any two numbers.There are other areas the board might want to evaluate in relation to thenonprofit’s fundraising, and it can create a ratio to achieve that evaluation.

Salaries for Key Managers and Staff Members

In August 2004, the IRS announced an initiative to identify and halt abusesby nonprofits that pay excessive salaries and benefits to their key managersand staff members. The initiative also focuses on loans made and the sale,leasing, or exchange of property to key managers and staff members. Theproject, named the “Tax Exempt Compensation Enforcement Project,”will contact roughly 2,000 nonprofits to obtain additional informationabout their compensation policies and procedures for their key managersand staff members. Needless to say, the IRS is apparently starting to crackdown on inappropriate compensation packages and transactions!

The board can use Form 990 to assist in its evaluation of the nonprofit’scompensation levels. Form 990 requires the nonprofit to provide compen-sation amounts of its key managers, such as the CFO and the officer incharge of administration of program operations. In addition, the nonprofitmust report the compensation of its five highest employees who are paidmore than $50,000 and who are not on the list of key managers. The boardcan compare its compensation levels with industry standards to ensure thatthe levels are not out of line.

Lobbying Activities

Form 990 requires the nonprofit to report any lobbying activities and theexpenses connected with these activities. “Lobbying” in this case is defined

the board’s role in form 990 73

ch04_4386.qxd 2/10/05 10:13 AM Page 73

as any attempt made by the nonprofit to influence a legislator or membersof the legislator’s staff regarding the enactment of some piece of legislation.Under the IRS Code, it is permissible for nonprofits to engage in lobby-ing, but if the nonprofit has too many lobbying activities or has very highlobbying expenses, the nonprofit’s tax-exempt status may be jeopardized.One way the board can evaluate the nonprofit’s lobbying activities andhelp develop lobbying policies is to compare the amount of lobbying ex-penses with the Form 990s of other similar nonprofits.

Conclusion

It should now be clear that Form 990 is not just unnecessary paperwork. Itis a tool that can be used to develop best practices and gain competitiveadvantage. If Maria and Jose work for your nonprofit, you should correcttheir incorrect notions about Form 990!


ch04_4386.qxd 2/10/05 10:13 AM Page 74

75

SOX Sections VIII and XI:Document Retention andWhistleblower ProtectionObligations

Mary, the ED of a mid-size nonprofit, and Joe, the organization’sfinancial officer, were talking during lunch. “Well,” said Mary, “you won’tbelieve what nerve my idiotic secretary had today! She said that if wedidn’t start maintaining more accurate records about our donations and ex-penses, we would be in violation of SOX. I don’t know how she evenknows anything about SOX, but it’s obvious that she doesn’t know thatnone of the act applies to nonprofits. I tried to explain to her that SOXonly applied to public companies that were registered with the SEC, butshe insisted that she was right. She even said that keeping poor records wastantamount to perpetrating a fraud and that she felt an obligation to reportus. Can you imagine? I was furious that she had the nerve to question myknowledge of SOX and, even worse, her implications that our record-keeping procedures were somehow inadequate. And when she mentionedreporting us, that was just the last straw! Can you imagine what a can ofworms it would be for us to be investigated, especially for something thatdoesn’t even apply to us? All of the time that would be wasted? The pub-licity? I told her that she should start minding her own business and not

Chapter 5

ch05_4386.qxd 2/10/05 10:14 AM Page 75

worry about areas outside of her expertise, and that if she couldn’t do that,she should start looking for another job!” Joe gave Mary a startled look andexclaimed, “You didn’t actually threaten to fire her, did you?” “Yes,” saidMary. “She’s my secretary; I should be able to fire her if I want to, espe-cially if she keeps up this fraud talk. What’s the problem?” Joe said, “I thinkthis lunch is going to take a little longer than we planned. I have some badnews for you.”

Is Mary right? Is she correct that none of SOX applies to nonprofits?Contrary to Mary’s beliefs, two sections of SOX, Sections VIII and XI,

do apply to Mary. Section XI requires nonprofits to develop and maintainappropriate procedures for document creation and retention. And evenworse—at least for Mary—Section VIII extends whistleblower protectionto any employee who reports fraudulent or illegal organizational practices.Mary may have just created a lawsuit for herself and the nonprofit bythreatening her secretary with job termination. The information in thischapter should help you to not repeat Mary’s blunder.

Whistleblower Protection

The first obligation from SOX that applies to all organizations is the re-quirement for a documented “whistleblower protection” policy. SOXrequires all organizations, including nonprofits, to establish a means to col-lect, retain, and resolve claims regarding accounting, internal accountingcontrols, and auditing matters. The system must allow such concerns to besubmitted anonymously. SOX provides significant protections to whistle-blowers, and severe penalties to those who retaliate against them. The fol-lowing comes directly from SOX, Section 806:

. . . any officer, employee, contractor, subcontractor, or agent of such com-pany, may not discharge, demote, suspend, threaten, harass, or in any othermanner discriminate against an employee in the terms and conditions of em-ployment because of any lawful act done by the employee

(1) to provide information, cause information to be provided, or other-wise assist in an investigation regarding any conduct that the employee rea-sonably believes constitutes a violation of section 1341, 1343, 1344, or 1348,any rule or regulation of the Securities and Exchange Commission, or anyprovision of Federal law relating to fraud against shareholders, when the in-formation or assistance is provided to or the investigation is conducted by

76 chapter 5 sox sections viii and xi

ch05_4386.qxd 2/10/05 10:14 AM Page 76

(A) a Federal regulatory or law enforcement agency;(B) any Member of Congress or any committee of Congress; or(C) a person with supervisory authority over the employee (or such other

person working for the employer who has the authority to investigate, dis-cover, or terminate misconduct)

Does your Human Resources division have systems in place that willsatisfy the SOX requirement for all organizations to have a whistleblowerpolicy? If not, policies and procedures should be developed that contain atleast the following aspects:

• There is a confidential avenue for reporting suspected waste, fraud,and abuse.

• There is a process to thoroughly investigate any reports.

• There is a process for disseminating the findings from the investigation.

• The employee filing the complaint will not be subjected to termina-tion, firing, harassment, or miss out on promotion.

• Even if the findings do not support the nature of the complaint, theemployee or volunteer who made the complaint will not face anyrepercussions.

All employees and volunteers should have a copy of the whistleblowerpolicy, and it should be posted in clear view. This policy should also becovered in any orientation or training programs the organization offers forits employees and volunteers.

Creating a ConfidentialReporting System

Confidentiality is the key in developing a process whereby employees andvolunteers feel safe in reporting waste, fraud, and abuse. Appendix B con-tains documents on this policy. One way a confidential reporting systemcan be established is to use an ombudsman. Another way would be to usea third-party reporting system that is not connected to the organization.

Ombudsman

For many years, organizations in Europe and long-term care facilities in theUnited States have used ombudsmen as a way to provide a safe avenue for

creating a confidential reporting system 77

ch05_4386.qxd 2/10/05 10:14 AM Page 77

employees and clients to report fraud and abuse. In the United States, along-term care ombudsman is an advocate for residents of nursing homes,board and care homes, and assisted living facilities. Ombudsmen are trainedto resolve problems and can address complaints brought to him or her. Along-term care ombudsman can be a confidential ear for complaints andconcerns, can help resolve complaints and concerns, educate residentsabout their rights, and help long-term care facilities develop more effectivepractices. Nonprofit organizations can use the role of the long-term careombudsman as a guideline for creating their own confidential reportingsystem. To be effective, an ombudsman is independent of the organizationand cannot be terminated for reasons other than failure to perform. Hav-ing this type of program in place can go a long way to correct problems asthey arise and to meet the SOX requirements.

Third-Party Reporting Systems

SOX has created a market for third-party anonymous hotlines as a risk-freeway to report unethical or illegal activity. With a third-party anonymoushotline, an employee or volunteer can report questionable activities any timeof day or night. The hotlines can handle a variety of reporting issues, such as:

• Accounting irregularities

• Violations of governmental regulations

• Fraud

• Falsification or destruction of organizational records

• Workplace violence

• Substance abuse

• Discrimination

• Sexual harassment

• Conflicts of interest

• Release of proprietary information

Employees and volunteers who might feel uncomfortable coming for-ward via internal reporting processes may feel more comfortable reportingissues via a third-party hotline.


ch05_4386.qxd 2/10/05 10:14 AM Page 78

Document Retention, Archiving,and Retrieval

Document storage and retention is another area within SOX that applies toall organizations. The language in Section 802 describes the consequencesfor failing to implement a document retention system:

Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies,or makes a false entry in any record, document, or tangible object with theintent to impede, obstruct, or influence the investigation or proper admin-istration of any matter within the jurisdiction of any department or agencyof the United States or any case filed under title 11, or in relation to or con-templation of any such matter or case, shall be fined under this title, impris-oned not more than 10 years, or both.

Appendix C provides a sample of a document retention policy and rec-ommendations for its implementation. Key areas for consideration in doc-ument retention include:

• What documents and records should be preserved and why?

• Are the documents paper-only or are electronic files included? Whichones?

• What about e-mail and instant messaging?

• What are the expectations about the way in which documents arestored or archived and the ability to retrieve documents?

• How long are you supposed to keep these documents?

• Is there a protocol for disposing of documents once their storage timehas elapsed?

• When should you not destroy materials?

• How can you make sure that everyone in the nonprofit—staff andvolunteers—understands and adheres to these requirements?

• What happens if your nonprofit is in violation?

First Steps: Beginning the Process

Policies on document preservation should be developed by the board andsenior management. Appendix C contains a walk-through of the process.

first steps: beginning the process 79

ch05_4386.qxd 2/10/05 10:14 AM Page 79

There needs to be a statement developed by senior management that con-tains the following talking points:

• What the document retention policy is and why it is required by law. Itis important that the staff and volunteers understand that documentpreservation is a component of SOX that applies to all organizations.

• What are the new procedures that emerge from the policy? What are thedeliverables that the board expects?

• What does this legal requirement mean for your nonprofit?

• What are the obligations of individual employees to ensure that your non-profit is in compliance?

• What is expected in terms of new behaviors and procedures, and what arethe consequences (for individual employees and volunteers) for failingto adhere to the new procedures. Middle and senior managementmust be prepared to carry out the consequences swiftly to send astrong message throughout the organization.

The system you design for document storage, archives, and retrievalmust be logical and user-friendly. If staff can’t understand what it’s about,what’s expected of them, and why they are being asked to do this, theprobability of success is low.

Step 1

Consider what types of documents your nonprofit would need to store/archive and be able to retrieve. Some examples of documents that need tobe stored include:

• Contracts with vendors for services, including insurance policies, au-ditor contracts (particularly to demonstrate that the auditing firm isnot providing any other services to your nonprofit)

• Contracts with external clients (such as public sector agencies) to pro-vide services to the external clients

• Contracts with your nonprofit’s programmatic clients

• Contracts with your nonprofit’s management, staff, and volunteers (ifapplicable)


ch05_4386.qxd 2/10/05 10:14 AM Page 80

• Documents that a regulatory agency requires you to retain, such as taxreturns, business license documents, vehicle registration forms, andprofessional licensure documents

• Correspondence with regulators about your nonprofit’s operations

• Documents containing information that a regulator would need toreview

• Documents required by local, state, and federal law, and correspon-dence regarding these documents

• Documents that have historical, legal, or programmatic significancefor your nonprofit

• Instant message or e-mail that contains negotiations for a contract orother legal agreement

• Any document that would provide proof that your nonprofit took ac-tion in a business, contractual, or legal matter

• Financial documents, reports, analysis, and forecasts

• Donor records, history, and correspondence

• HR records including volunteer and board files

• Documents that reflect the sale of property, merchandise, or any tan-gible or intangible assets

Be sure to build in the requirements of any third-party reviewers suchas auditors or regulatory agencies, so that your system will satisfy the ex-pectations of these reviewers.

Step 2

Inventory the nonprofit’s current record system to determine what recordsare in use, what records are in storage, and what records are archived. Thisstep should also include a review of the types of e-mail messages and instantmessages that are routinely transmitted along with attachments.

Step 3

Develop retention rules (based on legal requirements and the operationalneeds of your nonprofit) and ensure that these rules are clearly disseminatedto all staff and volunteers. There needs to be a classification system (develop


ch05_4386.qxd 2/10/05 10:14 AM Page 81

a simple one) that allows for documents to be classified as “confidential,”“private,” or other designation that precludes them from general access. Aspart of this step, it is essential that a training program be developed for staffto ensure that they understand what is expected of them, what the proce-dures are, and what records they are expected to retain.

Step 4

Develop a process for finding and preserving documents that either will beor are part of an investigation or legal action. There must also be a mech-anism for announcing that no documents are to be destroyed until an “allclear” notice is given—and stiff consequences for failing to adhere to thisdirective.

Step 5

Develop rules for managing, storing, preserving, and archiving electronicmessages or other electronic data. The rules should address the importantissues, including listing the types of documents that are to be retained andhow these documents are to be stored. The process need not be compli-cated, but the rules need to be standardized—there is no room for “doingyour own thing.” Staff and volunteers need to understand that they are ob-ligated to adhere to the rules—or face the consequences. The rules shouldalso include steps to be taken to ensure that the documents cannot be tam-pered with, such as using “pdf” files or passwords. It is particularly impor-tant to store financial records in such a way as to ensure that they representa true and honest picture of the nonprofit’s financial profile and/or otherfinancial description. Regulators will expect to be able to rely on the ac-curacy of all of your electronic records—no exceptions.

An important component of this step is the design of a technologypolicy or the revision of your current technology policy to include thesetopics:

• Clearly state that all aspects of the nonprofit’s technology belongs to the non-profit. There are no expectations of personal privacy when using thenonprofit’s technology.

• Identify all of the nonprofit’s technology. Hardware and software includ-ing laptop computers, desktop computers, hand-held devices such as


ch05_4386.qxd 2/10/05 10:14 AM Page 82

PDAs and Blackberry, cell phones, Internet access, e-mail and all soft-ware programs purchased through the nonprofit. Be aware that whenelectronic devices such as laptops or PDAs are “recycled” to anotherstaff member, the “hard drive” of the device may still contain data,documents, or transactions from the previous employee. It is impor-tant to institute a procedure to erase the hard drive once all of thedocuments have been extracted and stored according to your non-profit’s Document Retention Policy.

• Develop a policy on the storage and transportation of sensitive information outof your nonprofit’s facilities. Published reports describe multiple scenar-ios of laptops of bank employees being stolen that contained client fi-nancial data. The same thing could happen to your nonprofit if youstore sensitive information about donors, clients, or staff on laptopsthat leave your premises.

Does your nonprofit have a privacy policy that relates to donor infor-mation? Information about clients, staff, volunteers? If not, you need to in-stitute one immediately and disseminate the policy(ies) to the variousconstituencies. For example, if your nonprofit has a Web site, do you listthe names of donors? If you list these names, have each of the donorssigned a consent document? In today’s world of identity theft and Internethacking, it is particularly important to protect donors, staff, and boardmembers.

State that when an employee leaves his or her job at the nonprofit,he or she will be expected to surrender all technology to the HR depart-ment prior to departure—and obtain a signed receipt from HR for all ofthe equipment that was turned over to HR. Specific employees withineach division of your nonprofit should be assigned the responsibility andthe requisite power and resources for Document Retention within theirdivision. It is essential that these individuals all have the same trainingand knowledge of organizational systems and any technology such as scan-ners, software, and the like, to ensure that documents are selected, pre-served, archived, and able to be retrieved in a consistent, standardizedmanner.

Establish rules for appropriate and secure electronic transmission of sen-sitive materials. Work with IT and legal professionals to ensure that theserules are comprehensive and appropriate to your nonprofit.


ch05_4386.qxd 2/10/05 10:14 AM Page 83

Step 6

Develop a means by which the Document Retention system will beaudited on a regular basis to ensure that all staff are in compliance with theprovisions. Board and staff should understand that the audits will be ran-dom and unannounced. Consequences for noncompliance should be metedout quickly to send a message to the entire organization. Please understandthat your nonprofit is a business, and you need to conduct operations in abusiness-like fashion. The days of the “Mom and Pop” nonprofit areover—you have an obligation to your donors, your clients, your board,and your staff to ensure that your organization is in compliance with thiscomponent of SOX legislation. It’s not just a “best practice”—it’s the law,and it applies to all organizations in this country, including your nonprofit.

Conclusion

Both the Whistleblower Protection Policy and the Document RetentionPolicy are legal requirements for nonprofits of any size. The implementa-tion of these two policies and the document retention procedures will putyour nonprofit in compliance with federal law, provide the additional ben-efits of orderly file keeping, and provide staff with a safe way to alert man-agement of operational problems.


ch05_4386.qxd 2/10/05 10:14 AM Page 84

85

Raising the Bar of Accountability:SOX Best Practices andthe Board

Wendell Smith is the treasurer of the Gulf Coast Spinnaker Society. Heis a self-assured businessman who feels he has his finger on the pulse of theorganization. His finance committee is made up of male and female pro-fessionals from various fields. Additionally, several of the Spinnaker Soci-ety managers are assigned to staff this committee. One of the staff members,Fred, is also a silent partner in his family’s copier distributing company.Fred’s family’s company is the vendor for Spinnaker’s copiers.

At this month’s finance committee meeting, the topic of vendor con-tracts was on the agenda. One of the Spinnaker Board members, Ann, alsosits on the finance committee, as does the Spinnaker board chair, Saman-tha. Ann questioned whether Fred should be present during this discussionbecause one of the contracts being discussed was for the copier contract.Wendell became irate because Ann brought up this topic at the meetingwithout clearing it with him first. He lectured Ann that Fred is very valu-able to Spinnaker and should be allowed to sit in on the discussion. Whenthe discussion turned to renewing the contracts, the copier contract ispassed without further question by anyone on the committee. If the copiercontract had been put out for competitive bid, the Spinnaker Societywould have discovered that competing firms could have provided better

Chapter 6

ch06_4386.qxd 2/10/05 10:15 AM Page 85

value for the money. Of course, after Ann’s reprimand, no one dared sug-gest that the copier contract be put out for competitive bid. Wendell wassatisfied that the well-oiled finance committee machine continued to runsmoothly.

Legislative Environment: BestPractices and Governance

Chapter 1 presented the emerging standards that are currently being con-sidered at the federal level and the features of the new California law onnonprofit integrity. This chapter emphasizes what SOX expectations arefor boards, the three legal standards to which all boards and board membersmust adhere, and the deliverables that emerge from SOX best practices.These deliverables are the policies and procedures that will facilitate theplatinum operational paradigm for your nonprofit and the specific tech-niques for changing the board culture and for instituting a new workingparadigm based on SOX best practices.

The important issues and recommendations that are part of today’s non-profit legislative environment include:

• SOX legislation requires all nonprofits to have a whistleblower pro-tection policy, along with a document retention policy and a policyprohibiting the destruction of documents associated with an investi-gation or litigation.

• The U.S. Senate Finance Committee published a staff paper that in-cluded the following matters for consideration in raising nonprofit ac-countability:

• Require nonprofits to have their IRS tax-exempt status reviewedevery five years, with extra documents and a new processing fee.

• Increase information disclosures on IRS Form 990, including an-nual performance goals and measurements for meeting those goals.

• Require Form 990 to be signed by an organization’s CEO orequivalent under penalties for perjury.

• Create penalties for failure to file a complete and accurate Form990.

• Appropriate $10 million for various forms of nonprofit accreditation.

86 chapter 6 raising the bar of accountability

ch06_4386.qxd 2/10/05 10:15 AM Page 86

• Establish an Exempt Organization Hotline for reporting abuses bycharities and complaints by donors and beneficiaries.

• Limit the board size to 15 members.

• For those nonprofits in California, the recently signed NonprofitIntegrity Act (SB1262) requires the following of nonprofits with budg-ets in excess of $2 million:

• Have an annual audit performed by a CPA who is “independent”as defined by U.S. Government auditing standards, and make thataudit available to the public and the Attorney General.

• Accounting committee membership stipulations: Have an audit com-mittee whose membership cannot include staff and must not over-lap more than 50% with the finance committee; the auditcommittee can include members who are not on the organiza-tion’s board of directors.

• Board accountability for executive compensation: The law requires thatthe board approves of the compensation, including benefits, of thecorporation’s president or CEO, and its treasurer or CFO “to as-sure that it is just and reasonable” (i.e., not excessive).

• Fundraising practices: The law requires disclosure of written con-tracts between commercial fundraisers and nonprofits. The Attor-ney General’s office has the right to demand a copy of thecontract. Fundraisers must be registered with the Attorney Gen-eral’s office.

Additionally, all nonprofits in California regardless of size mustmeet the following requirements:

• Make their audits available to the public on the same basis as theirIRS Form 990 if they prepare financial statements that are auditedby a CPA.

• Fundraising requirements: [Nonprofits must provide] notice of a so-licitation campaign by a “commercial fundraiser for charitablepurposes,” which must be filed at least 10 days before the com-mencement of the solicitation campaign, events, or other services.Fundraisers must not misrepresent or mislead anyone about itspurpose, or the nature, purpose, or beneficiary of a solicitation. Anonprofit must “establish and exercise control over its fundraising

legislative environment: best practices and governance 87

ch06_4386.qxd 2/10/05 10:15 AM Page 87

activities conducted for its benefit, including approval of all con-tracts and agreements, and shall assure that fundraising activities areconducted without coercion.”

The preceding list of expectations and stipulations represent the waysin which the business environment that nonprofits operate within haschanged in the past three years. Yes, business environment. For decades,nonprofits have believed that because they are tax-exempt organiza-tions, they are also exempt from the same ethical and accountability stan-dards that have been imposed on the private sector. The Senate FinanceCommittee’s recommendations along with the language contained inCalifornia’s Nonprofit Integrity Act should dispel all of these antiquatednotions.

This chapter discusses the new and the traditional expectations ofdirectors/trustees of nonprofit boards and the ways in which SOX bestpractices have raised the level of governance accountability. These tradi-tional expectations are contrasted with the newer, more rigorous expecta-tions that emerge from SOX best practices.

The board and its governance role are important aspects of SOX legis-lation, the California legislation, and the impending “clone” legislationdealing with nonprofit accountability being considered in several otherstates. “Accountability” is an important watchword in today’s nonprofitgovernance environment. The media is filled with examples of financialmismanagement, violation of federal employment law, and failure to con-duct due diligence in outsourcing functions.

Published reports provide these examples of nonprofit governance crises:

• The San Francisco Bay Area United Way and its nonprofit subsidiary,Pipevine. Pipevine was under contract to collect and allocate corporatedonations to the United Way of the San Francisco/Bay Area. Pipe-vine allegedly skimmed millions from the donations because it had in-accurately forecasted its operating expenses and wasn’t receivingsufficient revenue from the United Way to maintain solvency.

• Haight-Ashbury Free Clinic. The CFO of the Haight-Ashbury FreeClinic allegedly embezzled almost $1 million. Federal funds that wereto be returned if not spent were collected by the CFO and then sentoff to a bank account in his name located elsewhere in California.


ch06_4386.qxd 2/10/05 10:15 AM Page 88

When a nonprofit encounters these dramatic crises, the board is oftenthe first place to look for the source of the dysfunction. The first questionthat comes to mind in each of these sad stories is, “Where was the board?”Did the board understand what was going on? Did the board ignore orcondone clearly inappropriate and often criminal behavior? Did the boardeven know what to look for? Today’s boards and board members need torecognize that the level of scrutiny and accountability aimed at nonprofitshas increased. Nonprofit boards can no longer afford to deal at arm’s lengthwith the organization—or meet on a quarterly basis as was once touted ina well-known governance model. The days of the fully accountable, fullypresent “hands-on” board are here to stay.

The actions of the board and the products of governance have becomecentral issues in SOX legislation, California legislation, and any potentialclone legislation because nonprofit boards hold the ultimate accountabilityfor what transpires within the confines of a nonprofit organization. Thereare no excuses for nonprofit board members not to understand what isgoing on in the organization, nor are there any excuses for board membersnot holding the ED accountable for the actions of his or her staff.

New Expectations for BoardOversight and Governance

With the passage of SOX, the bar was raised on all organizations, not justpublicly traded corporations, and not just nonprofits. All organizations thatconduct business within the United States are subject to greater scrutiny.Public trust is an important issue that all organizations—public, private, andindependent (nonprofit)—need to address.

Some nonprofit boards have been collections of friends, business acquain-tances, and even family members. Prior public scrutiny and expectations re-garding nonprofit boards was low. They were expected to provide a rubberstamp of approval for the ED and raise money if necessary. Often, the mem-bers’ personal checkbooks were the main source in the nonprofit’s fundrais-ing strategy. Within the past decade, the number of prominent nonprofitsembroiled in financial scandal has increased dramatically. With the enact-ment of SOX in relation to corporate scandal, the public is demanding thatthe nonprofit world be held to the same level of accountability to protect thebillions of voluntary donations that pour into this sector each year.

new expectations for board oversight and governance 89

ch06_4386.qxd 2/10/05 10:15 AM Page 89

Exh ib i t 6 . 1 board pract ices compar ison

Yesterday’s Board Practices SOX Best Practices for Today’s Board

Board members selected without Nominating committee rigorously screens screening process. prospective members and submits

nominations to full board for vote.

Either board members do not receive Board members receive extensive orientation or the orientation is a orientation, including job description, social gathering. performance expectations, bylaws,

complete financial documents, strategicplan, and other relevant documents.

Board members are expected to be Board members are expected to review all passive at board meetings; agenda is materials in advance of the board meeting primarily staff-driven. and come fully prepared to analyze,

deliberate, and debate, if necessary, theissues at hand. Board members know howto read and analyze financial reports andspot important trends.

Board culture reflects belief that the Board culture reflects the reality that the nonprofit is a “Mom and Pop” nonprofit is a financially viable business operation governed by well-meaning enterprise governed by competent volunteers. directors and their leaders whose primary

allegiance is to the mission of theorganization.

Board members are known to have Board members are required to sign a profited from their position on the conflict of interest statement on an annual board through the nonprofit’s basis for the purpose of identifying any contracts with their businesses. existing, or possible, conflicts of interest.

Board members are prohibited from havingcontracts of any kind with the nonprofit, orother types of self-dealing.

Higher Expectations for BoardMembership and Deliberations

The best practices that have emerged from SOX have ushered in a newmodel of governance, one in which the board members are expected to becompetent, questioning, and assertive about the important issues facing thenonprofit. Board members are expected to come to the meetings preparedto discuss and deliberate. Exhibit 6.1 provides examples of how SOX bestpractices can serve to facilitate change in nonprofit board culture.


ch06_4386.qxd 2/10/05 10:15 AM Page 90

higher expectations for board membership 91

Yesterday’s Board Practices SOX Best Practices for Today’s Board

Board members are the nonprofit’s The board orientation clearly articulates “aristocracy” and are permitted to that the board’s only employee is the order the staff about and/or demand executive director (ED), and stipulates that favors. all board members will conduct themselves

in a professional manner at all times.

The size of the board emphasizes The size of the board reflects the number quantity over quality. of directors who are necessary to staff the

committees and carry out the worknecessary for quality governancedeliverables.

Directors’ and officers’ insurance is All boards are indemnified through the only for large nonprofits. purchase of D&O insurance.

Audits are only for large nonprofits. An audit or financial review is required onan annual basis. An audit may be stip-ulated depending on the organization’sbudget and relevant state legislation.However, smaller nonprofits should arrangefor a review of its financial records.

Traditional Standards of Board Member Behavior

In addition to these new expectations, boards (nonprofit and private sec-tor alike) have always had standards of behavior associated with member-ship. The quality of board decisions and actions are evaluated based onhow board members understood their obligations to the nonprofit insti-tution, and how carefully they deliberated before making a particulardecision/action. Board members are expected to conduct themselves andmake decisions consistent with three (3) legal standards—care, loyalty, andobedience. The three standards describe the types of consideration thatshould go into behavior and decisions. The basic legal standard of the “rea-sonably prudent person” is particularly significant as the courts look to de-termine if the board took reasonable steps in decision-making or action.Exhibit 6.2 summarizes these standards and the expected impact on boardmember behavior.

The United Way of the Bay Area and the Haight-Ashbury Free Clinicare examples of boards that failed to live up to these standards. In all of theexamples, the boards clearly did not understand their obligation to overseeinternal controls and to abstain from self-dealing.

ch06_4386.qxd 2/10/05 10:15 AM Page 91


Exh ib i t 6 .2 Board Standards

Legal Standard Expected Behavior

Care The director shall discharge his or her duties as a director, includinghis or her duties as a member of a committee in good faith andwith a care that an ordinarily prudent person in a like positionwould exercise under similar circumstances, and in a manner thedirector reasonably believes to be in the best interest of theorganization.

Loyalty In his or her capacity as a member of a nonprofit board, theindividual is to give first priority to the institution in makingfinancial decisions. This means that board members may notengage in activities with the nonprofit that will result in personalgain, nor are board members to use their board status as meansto any personal gain—financial or otherwise.

Obedience Directors are required to act within the bounds of the law generally,and with the intent of achieving the organization’s mission asexpressed in its charter and bylaws.

In addition to the fundamental legal standards of care, loyalty, and obe-dience, board members have always been expected to:

• Attend board meetings on a regular basis. Board members who do not at-tend meetings regularly have only a marginal understanding of thenonprofit’s operational, financial, and governance issues. These boardmembers make poor representatives of the nonprofit, and in their lackof knowledge can make unwise decisions.

• Understand their governance role. Board members, by the legal standardsof care, loyalty, and obedience, are expected to put the welfare of thenonprofit ahead of any personal consideration, and certainly ahead ofany personal gain. Board members are not there to micromanage thenonprofit, nor are they simply “window dressing” for senior man-agement’s agenda.

• Read and understand (or ask questions until they obtain clarity) all materialssent in advance of a board meeting. The operative expectation is thatboard members come to board meetings prepared to ask questions orobtain clarity because they have carefully reviewed all of the materi-als in advance.

ch06_4386.qxd 2/10/05 10:15 AM Page 92

• Review financial documents carefully and provide appropriate oversight. Boardmembers are expected to either understand the financial documentsor seek assistance in learning how to read and interpret financial state-ments. In the area of financial operations, board members need to askthe difficult questions and insist on appropriate financial materials.

• Disclose any real or potential conflicts of interest. Board members, in orderto adhere to the standard of loyalty, must disclose any real or poten-tial conflicts of interest to the board. The rest of the board needs toknow about these real or potential conflicts of interest so that stepscan be taken to eliminate the impact of these conflicts on board de-liberations and decisions.

• Adhere to a code of ethics. Board members need to adhere to a Code ofEthics that spells out the nonprofit’s values and principles. Adherenceto a Code of Ethics is another way in which board members put theinterest and well-being of the nonprofit ahead of their own.

Upgraded Standards: Putting SOX Best Practices in Motion

The SOX legislation ushered in a new accountability based on a set of ex-pected outcomes. The discussion in this section outlines the types of bestpractices that emerged from the SOX legislation and how these wouldwork for your nonprofit board. (See the appendices listed for samples ofdocuments related to these best practices.)

• Board recruitment and retention (Appendix G). Today’s nonprofit boardscannot afford to be populated with individuals who are passive and/orlack the requisite skills—and assertiveness—to provide appropriategovernance and oversight to the nonprofit.

• Audit committee (Appendix D). Nonprofit boards need to have a sep-arate audit committee that includes at least one board member who isa financial expert. The audit committee must ensure that auditors arenot also engaging in additional services, such as consulting, for thenonprofit. The committee is also responsible for ensuring either thatthe auditing firm is rotated every three to five years, or that the leadauditor is rotated off the nonprofit’s audit every three to five years.The members of the audit committee need to be independent boardmembers (i.e., not also members of senior management).


ch06_4386.qxd 2/10/05 10:15 AM Page 93

• Financial literacy (Appendix A). More rigorous review of financialstatements and transactions—financial literacy—for all board membersmeans that the nonprofit may need to establish a training program toensure that all members of the board understand how to read and in-terpret financial reports. The ED and CFO need to be able to certifythe accuracy of financial documents and other submissions such asForm 990s. All members of the board are fully aware of the financialcondition of the organization, and senior executives such as the EDand the CFO are able to sign without hesitation

• Code of ethics for board and senior management—prohibition of inside deal-ings (Appendix F). The board needs to adopt a policy strictly pro-hibiting personal loans to any director or officer, and an HR policythat prohibits lending money to the CEO, ED, CFO, or other staff.This policy describes the types of behavioral expectations that relateto the roles of board member and member of senior management.One particularly significant provision is the prohibition against anytype of loan or financial gift by the nonprofit to a board member ormember of the staff at any level. No exceptions should ever be madeto these policies.

• Conflict of interest policy (Appendix E). Why is not disclosing a conflictof interest a violation of this legal standard? Contrary to what manynonprofit board members believe, disclosing that you may have a po-tential conflict of interest is not a crime against humanity! A conflictof interest is simply that—the situation can, if ignored, establish con-flicting interests between the board member and the nonprofit. Theindividual board member is not guilty of anything by disclosing thatshe has a potential conflict of interest. Actually, this type of disclosureis something to be applauded! The important next step is to have thepotential conflict of interest documented via a conflict of intereststatement that all board members—and senior staff—should submiton an annual basis or in the event that the board member learns of apotential conflict of interest. A sample of a conflict of interest policyand letter is in Appendix E.

Once the conflict of interest is documented, the individual shouldbe excused from the conversation/vote whenever his or her par-ticipation would be inappropriate. The minutes should reflect that


ch06_4386.qxd 2/10/05 10:15 AM Page 94

Ms./Mr. X was excused from the discussion on the nonprofit’s insur-ance coverage because he or she is a member of the insurance com-pany’s board.

• Whistleblower protection (Appendix B). This policy was discussed in de-tail in Chapter 5. It is important that the nonprofit have a whistle-blower protection policy for all staff and volunteers, and enforce itwithout exception. Board members are willing to blow the whistle oninappropriate behavior and will be supported by other board mem-bers and board leadership.

• Document preservation policy (Appendix C). This policy was also dis-cussed in detail in Chapter 5. Establish a system that documents thepolicies that are in place and the methods for enforcement, and en-force it.

• Adequate insurance. The nonprofit and the board need to be adequatelyprotected. It is essential that the nonprofit purchase directors’ andofficers’ liability insurance, general liability, business interruption, au-tomobile, property and casualty, and other important insurance cov-erage. The nonprofit’s insurance professional is a key player on thisteam. She can provide advice on the types of policies that are right foryour organization.

• Keep informed about current regulatory practices. As mentioned in Chap-ter 1, the IRS is seeking to update Form 990 in direct response torecent events concerning the integrity of financial disclosures of non-profits. The reason why it is considering whether Form 990 or otherrequirements should be modified to provide similar measures is toincrease public confidence in the integrity of disclosures by exemptorganizations. Among the possible requirements that the IRS is con-sidering are disclosures regarding whether conflict of interest policieshave been adopted, whether there are independent audit committees,and whether certain exempt organizations should be required to dis-close information about transactions with substantial contributors,officers, directors, trustees, and key employees, plus any other changesto Form 990 that would increase public confidence in the integrity ofexempt organization disclosures. The consideration of these possibleupgrades in requirements comes on the heels of recent Congressionalinquiries into accountability of the nonprofit sector in general.


ch06_4386.qxd 2/10/05 10:15 AM Page 95

SOX and the Board: HigherPerformance and GreaterAccountability

SOX best practices relating to governance emphasize the importance of re-cruiting a board that is the right size for the nonprofit, has the right com-petencies, skill sets, and understanding of SOX best practices, and has theright attitude/perspective about its governance role.

Incorporating Best Practices within Board Activitiesand Administration

Board Member Screening and Orientation The current members ofyour nonprofit board were possibly recruited from many sources—friends,relatives, donor database, or nonprofit clearinghouses. Some of the mem-bers of the board are appropriate to the organization, and some may be inover their heads in terms of understanding their roles and what is expectedof them. SOX best practices presumes that all members of the board arequalified to serve; that is, competent to serve in a governance role, and pos-sess an understanding of what is expected of them and a skill set that servesto accomplish expected performance.

Screening and Selecting Board Members Board members should berecruited based on those specific areas of expertise, diversity, or back-ground that the board’s leadership and nominating committee have iden-tified as significant to the nonprofit. Under no circumstances should morethan one member of a family be seated on the board, nor should a familymember of any staff be seated on the board. Similarly, vendors and con-sultants to the nonprofit should be disqualified for board membership.Those individuals who are seated on the board should also agree to sign aconflict of interest statement on an annual basis and should understand thatthey are required to disclose immediately any circumstances that could beconsidered a conflict of interest. In today’s environment, even the appear-ance of a conflict of interest is unacceptable.

Size of the Board and Board Composition Depending on the size ofthe nonprofit, the ideal board size is somewhere between 7 and 16 mem-bers. Boards smaller than 7 can become deadlocked, and those larger than16 can become unwieldy or experience a chilling effect on discussion, dis-


ch06_4386.qxd 2/10/05 10:15 AM Page 96

sention, and possibly the emergence of a ruling elite, which generally takesthe form of the executive committee.

The board should establish procedures to ensure that new members arerecruited, trained, and understand their roles and obligations, includingterm limits. Boards should ensure that the size of the board is appropriateto the size and needs of the organization

Boards should also endeavor to evaluate their own performance as agovernance entity, and the performance of their individual members.These performance standards should include attendance at meetings, com-mittee work, fundraising, preparation for discussion, participation in strate-gic planning, and other activities.

Board Orientation

How do board members learn about what is expected of them? One of thebest ways to offer a complete introduction to board service is through acomprehensive orientation and subsequent in-service training sessions. Theorientation for new members should be crafted to address the important is-sues and expectations. The orientation should also be held at a time of daythat would accommodate most members—and should be approximately 90minutes to 2 hours long. The topics that are not addressed in the initial ori-entation can be covered in subsequent in-service sessions.

The primary learning objectives of any board orientation include that:

• New board members understand the nonprofit’s mission, vision, andstrategic plan.

• New board members have an understanding of the nonprofit’s historyso that they can appreciate where the organization has been andwhere it is headed.

• New board members understand their obligations and performanceobjectives.

• New board members understand the board policies on meetings, at-tendance, conflict of interest, and other policies that emerge fromSOX best practices.

• New board members have received their job descriptions and under-stand their performance expectations and fiduciary obligations asboard members.

higher performance and greater accountability 97

ch06_4386.qxd 2/10/05 10:15 AM Page 97

Although a board orientation is an important event, be respectful of boardmembers’ time. Do not design a board orientation that resembles the one thata board chair insisted that new members attend. The orientation lasted from12 P.M. to 6 P.M. on a business day! Despite the fact that this board chair wasa retired businessman, he was impervious to the reality that board memberswith demanding jobs could not possibly justify taking six hours out of aworkday to attend a board orientation! Incredibly, the same board chairscheduled a daylong board retreat (10 hours counting travel time to and fromthe remote location) within two weeks of the six-hour board orientation. Intotal, the new members of this board were expected to be away from theirprofessional obligations for 16 hours within the timeframe of two weeks.

Championing SOX Best Practices:The Board’s Governance Role

The SOX best practices presume that boards are actively engaged in theoperations of the nonprofit. This does not mean that boards are expectedto micro-manage, but it does require that the board and senior manage-ment are highly interactive. Those twentieth-century board governancemodels that presume the board fulfills its obligations at arm’s length whilepondering their universal theory of governance have always been bogusand today are absolutely dangerous. Accountability is the key and will be amajor component within future state laws and regulatory requirements rel-ative to nonprofit accountability.

• Decision-making models. Board members need to understand that theyare expected to fully participate in decision-making. To facilitate pro-ductive discussion and efficient use of time, board leadership can in-stitute ground rules to control the length of time that any one personhas the floor, issues related to civility of discussion, and the use of a“timed” agenda and Robert’s Rules to ensure an orderly meeting.Pre-meeting preparedness is an essential element to any successfulmeeting. Board members need to receive materials at least one weekprior to the meeting. Today’s technology can streamline the processby sending the material as e-mail attachments or by fax. Regardless ofthe means of conveying the materials, the board members must cometo the meeting prepared to deliberate/make decisions. A functionaldecision-making model also presumes a board culture that supportsasking difficult questions and making business-like decisions. Non-


ch06_4386.qxd 2/10/05 10:15 AM Page 98

profits can no longer afford to have a “Mom and Pop” mindset, norcan they afford to have competent professionals on their boards whoabdicate their governance obligations.

One of the challenges in board deliberations is the tendency to en-gage in endless analytic exercises. Reports from standing committeesor ad-hoc groups should include recommendations based on solidanalysis. The board should request the level of information that is nec-essary and sufficient for reasonable decision-making. The meetingagenda should outline the decisions that are to be made at the meet-ing, allocate sufficient time for discussion, and then call a vote.

Board members who want to commandeer the agenda tend to uselengthy discussion as a strategic weapon. In this way, the important is-sues never come up for a vote. The board leadership needs to be as-sertive in ensuring that the agenda is balanced and that the necessaryvotes are taken.

• Board leadership and role clarity. Board members, particularly board of-ficers, have an obligation to the organization, its staff, clients, volun-teers, donors, and the community at large to conduct themselves in aprofessional manner while acting in their role as board members. Thegood name of the organization can be enhanced or compromised de-pending on how they conduct themselves—in person, in print (lettersor documents), and online via e-mail.

In our story about the Gulf Coast Spinnaker Society, Wendell be-rated board member Ann for raising the issue of a staff member’s con-flict of interest. The Society’s board chair, Samantha, was also presentat the finance committee meeting. When Ann later checked her e-mail, she was shocked to discover that Samantha sent her a vicious e-mail condemning Ann’s questioning of a potential conflict of interest,and furiously admonishing her for failing to give higher deference toWendell in his role as treasurer. Happily, Ann is a responsible boardmember, so she deleted the e-mail. However, Ann might very wellbe tempted to forward this delicious piece of hubris to a friend orfamily member—and who knows where it might be forwarded fromthere. Board chairs like Samantha may think their position gives themthe right to keep other board members in line by verbal abuse and in-timidation, but anything in writing may appear some day on the frontpage of The Washington Post—or The New York Times.

the board’s governance role 99

ch06_4386.qxd 2/10/05 10:15 AM Page 99

• Staff and board interaction. The board has only one employee, the EDor CEO of the nonprofit. The ED or CEO is the link betweenthe board and the rest of the staff who report to the ED or CEO.Although this appears to be a neatly arranged division between boardand staff, the reality is that the board routinely interacts with staff viaboard meetings and committee meetings. Board members are not thestaff members’ supervisors. If an employee files a hostile-workplacecomplaint based on the behavior of a board member, pay attention tothat red flag and deal with it decisively. Board members should also beadmonished to redirect any staff “tattling” back to the ED.

All Nonprofit Boards Should Work Toward These Ethicaland Operational Principles

At the center of good governance are ethical and operational principles thatguide board members in discussion, activities, and decisions that put thewelfare of the nonprofit before personal or professional gain.

• Governance and oversight. The Senate Finance Committee’s staff pro-posals and California’s Nonprofit Integrity Act are based on the pre-sumption that nonprofit boards have established policies to set goalsand objectives for the organization, and protocols to oversee the non-profit’s operations, particularly financial operations. The Senate FinanceCommittee staff proposals emphasize imposing criminal liability forfailing to ensure that the CEO was provided reasonable assurance ofthe accuracy and completeness of all material aspects of the return.

• The board is the final authority in the nonprofit, and is obligated toclosely supervise its only employee, the CEO.

• The Nonprofit Integrity Act further requires of nonprofits whosebudgets are in excess of $2 million that the board approve the com-pensation packages of senior management.

The Board’s Overall Responsibility for the Managementof the Nonprofit

In addition to the principles that have emerged from the current legislativeenvironment, boards need to consider adopting traditional tenets that ad-dress board authority and overall responsibility for the management of the


ch06_4386.qxd 2/10/05 10:15 AM Page 100

nonprofit. Boards are responsible for crafting the procedures, policies, andprotocols that ensure the nonprofit complies with federal, state, and locallaws, and is a going concern.

The board’s fiduciary obligations require careful oversight of financialoperations to ensure that a budget is crafted on an annual basis, to ensurethat an annual audit or financial review is conducted, and that IRS Form990s are submitted in a timely fashion. Additionally, the board is responsi-ble for ensuring that all other financial reports are generated in a timelyfashion.

The board should ensure that it complies with relevant federal law andregulations, state law and regulations, and any local ordinances. The boardshould also ensure that documentation of its actions, and board minutes,are prepared in the appropriate manner, and stored per the DocumentRetention policy.

The board should ensure that human resource policies are in place tosafeguard the rights of employees and volunteers, and that every employeeand volunteer has a job description and a method by which his or her per-formance is appropriately and fairly evaluated. The board should also ensurethat the nonprofit publishes an employee manual and a volunteer manualthat identifies and outlines policies that apply to employees and volunteers.

The board, as the ultimate authority in the nonprofit, is responsible forensuring that the nonprofit is adequately insured, including the variety ofinsurance policies that are required for the nonprofit’s operations, profes-sional liability coverage (if applicable) and directors’ and officers’ insurance,including Employment Practices Liability Insurance for the board. Theboard is also responsible for ensuring that this coverage is secured at a com-petitive price, and that the nonprofit’s insurance professional is responsiveto the nonprofit’s needs and requirements.

Fundraising

The California Nonprofit Integrity Act (SB1262) is the first Sarbanes-Oxley “clone” law dealing with nonprofits. As other states adopt thesetypes of “clone” laws, the topic of fundraising will surely be a commontheme. As was codified in the new California law on nonprofit integrity,the board has an obligation to ensure that fundraising activities are con-ducted with integrity, with attention to donor privacy. Further, the board

the board’s governance role 101

ch06_4386.qxd 2/10/05 10:15 AM Page 101

has an obligation to perform due diligence before signing contracts withthird-party fundraising vendors. The California law also placed the burdenof closer supervision of all fundraising activities on the shoulders of thenonprofit (i.e., the board). The activities targeted by the California lawwere fundraising practices that involved coercion or undue influence.Under this new law, nonprofits would be held accountable for thefundraising abuses of their vendors. This provision presents similar themesto the testimony of two confidential witnesses at the Senate Finance Com-mittee hearings in June who revealed abuses in car donation fundraising(“Mr. Car”) and the exploitation of charitable assets for private gain (“Mr.House”).

Conclusion

One of the common themes in the legislative environment is the author-ity and accountability of the board as the ultimate authority of the non-profit. This type of attention and focus is unprecedented, and hence, cancome as a shock to those nonprofit boards and board members who believethat they are fulfilling their duty simply by attending a board meeting. Thecultures of nonprofit boards and nonprofit organizations need to be opento change before SOX best practices can be adopted. Chapter 7 discusseswhat organizational culture is, and the role this intangible but essential or-ganizational element plays in SOX best practices.

Today’s more rigorous environment calls for nonprofit boards to revisittraditional expectations, and to incorporate new ways in which their gov-ernance skills can be sharpened, and their commitment to accountability bereinforced. Although California may be the first state to enact what iscalled a SOX “clone” law for nonprofits, it is just a matter of time beforethis type of legislation is replicated throughout the country. Twenty-firstcentury governance expectations apply to all organizations regardless of thesector in which they operate.


ch06_4386.qxd 2/10/05 10:15 AM Page 102

103

SOX Best Practices andOrganizational Culture:Changing the Environment

The strains of Debussy’s Afternoon of a Fawn wafted through the well-appointed conference room. The Wine County Dance Company’s boardwas about to meet in the conference room of its treasurer, a successful at-torney. The Dance Company’s ubiquitous volunteer administrator wasgreeting board members as they arrived. One board member, curiousabout the dance company’s Web site’s numerous links to the volunteeradministrator’s personal pages, did an investigation of the site via thewww.whois.com Web site. The dance company’s Web site was not ownedby the nonprofit, it was owned by the volunteer administrator! The boardmember raised this issue during the meeting and was shocked to find thatno one on the board seemed to care! It was the same level of disinterestthat was presented as the treasurer announced that the Dance Companyhad not filed its Form 990 for the last three years.

The Nonprofit’s OrganizationalCulture and the Adaptation ofSOX Best Practices

What Is Organizational Culture?

Sometimes when you walk into a nonprofit, or a business, you can just feelwhat it must be like to work there. Something about the way people talk,

Chapter 7

ch07_4386.qxd 2/10/05 10:16 AM Page 103

dress, or act sends out signals. Other clues come from the way the officeslook—are they cluttered and disheveled, or neat, but cold? Some officesexude “high class” pretension, while others have a distinctly antiestablish-ment feel.

Learning to understand a nonprofit is much like peeling an onion; thereare layers upon layers to peel back. Nonprofits aren’t just the people whopopulate them, although the people can be the face of a nonprofit. Fromdeep within nonprofits come the rules—written and unwritten—abouthow things are done, how problems are solved, and what’s valuable. In anynew job, there is generally a person or group of people tasked with “show-ing the ropes” to the new hire. Often, the unwritten rules come under therubrics of “how to get along around here.” The unwritten rules exist be-cause either everyone agrees with them, or everyone feels compelled tocomply with them. The idea that the “way things are done around here”as a shared notion is key to understanding nonprofit culture.

Edgar Schein defined organizational culture as a system of shared basicassumptions that helps people within the organization to cope with exter-nal forces, solve problems, and pass along the learned methods for dealingwith operational issues.

Organizational culture is reflected in the way newcomers are selected tobecome a part of the institution, whether the newcomers are new staff, ad-ministrators, volunteers, or board members. Once the newcomers have ac-cepted the invitation to join the nonprofit in whatever capacity, what theyare told about the nonprofit and how they are shown the ropes of routineinstitutional life is a reflection of organizational culture. Some nonprofitsare very open about how decisions are made, how ideas can bubble up, andhow grievances are settled. Other nonprofits have a very hierarchical struc-ture, and sending messages upward requires elaborate protocols. The pres-ence of one or more bargaining units (unions) also affects the nonprofit’sorganizational culture.

Probably the most powerful illustration of how an organization’s cultureworks is in the types of behaviors that either are rewarded or have no con-sequences imposed. Even more importantly, what types of behaviors areeither punished or extinguished? The terms reward and punishment here arenot to be taken as entirely positive or negative. Consider the two words interms of whether negative consequences are imposed by the institution forengaging in particular behaviors. Staff who do not show up for work and

104 chapter 7 best practices and organizational culture

ch07_4386.qxd 2/10/05 10:16 AM Page 104

have not called in sick will probably have some type of consequence im-posed for this behavior—reduction of pay for that week, assessing multiplesick days/vacation days, or a letter of reprimand. However, other destruc-tive/negative behaviors such as failing to meet deadlines, failing to complywith new directives, or foot-dragging in terms of SOX best practices mighthave no consequences imposed.

Conversely, some behaviors are discontinued (i.e., extinguished) be-cause insufficient positive reinforcement has been extended. Consider thecase of a staff member who worked long into the night to complete a re-port for the next day. If his or her supervisor does not show the requisitelevel of appreciation, it is unlikely that the staff member will go to thoselengths in the future. Whether a behavior is repeated is often contingentupon the degree of positive or negative reinforcement applied in immedi-ate response to the behavior.

Behavior can be either reinforced or extinguished based on an organi-zation’s cultural environment, values, beliefs, and applicable resources.Every organization has a unique and irreplaceable culture that reflects itshuman dimension. In other words, the unique interaction of people withinan organizational environment helps to perpetuate the behavioral and cog-nitive norms that are part of the organization’s culture, while punishing orextinguishing behaviors and (articulated) values that are perceived as con-trary to the established norms.

Working to improve your nonprofit’s organizational culture is an in-tegral part of keeping your nonprofit as a viable entity. That means thatthe organizational culture needs to be changed to adopt new and bettermethods of management. Rewards and incentives can be valuable tools interms of recruiting key organizational players to support the implementa-tion and continued maintenance of the SOX best practices program. Thenonprofit’s overarching values found in the mission statement are a goodplace to start. The adaptation of SOX best practices should begin withboard members and senior management.

Clues to Interpreting a Nonprofit’s Culture

Organizational culture isn’t something that you can put in a container orunder a microscope. However, within any nonprofit there are importantclues to help the observer make sense of the current organizational culture.

the nonprofit’s organizational culture 105

ch07_4386.qxd 2/10/05 10:16 AM Page 105

• Language. How do people within the nonprofit speak to each otherand to the clients, volunteers, donors, and the public? Although inour multicultural society, there is a wide array of ethnic languages thatare spoken in nonprofits, this element of a nonprofit’s culture centerson the manner and content of what’s spoken. Does the staff speak inbureaucratese, alphabet soup, or by some other linguistically relevantclues to the nonprofit’s operations?

• Traditions and ceremonies. Is the annual picnic a “you-are-invited-and-will-attend” event? What holidays are celebrated? Birthday parties?Why are these or other events or gatherings significant within thenonprofit? Other traditions and ceremonies can include a volunteerawards ceremony, or an award presentation named after a majordonor. The nonprofit’s culture can be observed in how these eventsare run, what the expectations are of the event, and of the partici-pants. What is the frequency of these events? If these events occur ona regular basis, how much anticipation can be felt?

• Behavioral norms. Every nonprofit has behavioral norms (i.e., how thestaff and volunteers are expected to behave, to dress, to present them-selves in terms of personal grooming, and how to treat others). Doesthe nonprofit require staff to come to work in business attire? If not,does the staff attire resemble the attire of the clients? Behavioral normsalso focus on the way in which management and staff behave towardeach other. When a board member enters the nonprofit’s offices, howis that person received? Are staff permitted to take long lunches, callin a vacation day without prior notice, or decide to work at homewithout consulting a supervisor?

• Rules of the game. These are implicit rules for getting along in the non-profit. Sometimes the rules directly relate to navigating the dangerousshoals of office politics. These rules are unwritten but very powerfulin the types of consequences that are imposed for those who either ig-nore or unwittingly break the rules.

• Beliefs and values. The nonprofit’s values are often embodied in themission statement. However, there are other values and beliefs thatare entrenched within the organization, but do not appear in the mis-sion statement. Sometimes these beliefs and values parallel or supportthe mission, such as generosity and concern for the community at


ch07_4386.qxd 2/10/05 10:16 AM Page 106

large. Other beliefs and values can come into play within a nonprofit,such as not having to play by the rules because we are a nonprofit, orbecause we serve poor people, or because we serve rich people, orjust because!

• Policies and protocols that guide how a nonprofit conducts operations. The wayin which a nonprofit presents itself to major donors, funders, and thecommunity can present clues as to what is or is not happening withinthe organization. Although some nonprofits take great pains to coverillegal behavior, those organizations are by far the exception. Mostnonprofits are transparent about who they are and what they do. It’show this is presented that holds the clue to the nonprofit’s culture.

• Environment. The notion of environment takes on many layers,whether it is the ambiance of the office, the way the nonprofit facili-ties are decorated, the ways people behave, or even the nonprofit’slogo. For example, a long-time provider of services to individuals liv-ing with AIDS changed their somewhat dour logo to a more upbeatsymbol as the medical world made strides to alter AIDS to a diseasethat people live with rather than the death sentence the diagnosisprovided two decades ago.

Even the art objects in the nonprofit’s facilities can provide clues tothe organizational culture. Does the nonprofit have valuable sculptureand art in its offices, or artwork and crafts created by disabled children?

• Problem solving. How does the nonprofit go about solving problems?Are there committees, ad hoc groups, or just the ED and his or hermanagement team? What does the nonprofit consider a problem?

• Strategic planning. How does the nonprofit integrate mission and strat-egy, including goal setting? How does the nonprofit go about ob-taining a consensus on the vision and direction of the organization?Do strategic goals emerge from the mission and its core values?

• Goals. The way in which a strategic plan is developed is one clueabout the nonprofit’s culture, but a far more revealing element is theway in which an evaluation strategy is implemented that measuresthe accountability, rewards, labor, and resources to achieve the goalsin the strategic plan.

• Intervention strategies. How does the nonprofit come to the conclusionthat it must take steps to change direction? If goals are not being met,


ch07_4386.qxd 2/10/05 10:16 AM Page 107

or the external environment has changed, or its internal processes arenot meeting organizational needs? How long does it take the non-profit to realize that something dramatic must happen? For some non-profits, their reluctance to admit that there is a problem is anenormous barrier to progress.

The organization’s culture is the synergy of these elements, although de-ciphering organizational culture can become a very complex process.Being open to hearing and seeing the clues is important, as these are theconduits to introducing change. Now more than ever, it’s important tolook closely at your nonprofit and its organizational culture. SOX bestpractices can only be adopted if the nonprofit is ready to implement thesepractices and incorporate them into a new culture of compliance.

How Organizational Culture Can Act as a Barrier toSOX Best Practices

This section describes how organizational dysfunction manifests itself withinthe nonprofit, particularly in relation to those areas addressed in SOX bestpractices, and those areas targeted by the IRS, the Senate Finance Com-mittee, and the California Nonprofit Integrity Act (see Exhibit 7.1).

In Chapter 1, we examined the current legislative environment for non-profits in terms of testimony at the Senate Finance Committee’s hearingson nonprofit accountability, staff recommendations, and the provisions ofthe new California law on Nonprofit Accountability.

• Some of the themes that emerged from the IRS Commissioner’s tes-timony and the Finance Committee staff proposals were, “If theseabuses [by nonprofit organizations] are left unchecked, I believe thereis the risk that Americans not only will lose faith in and reduce sup-port for charitable organizations, but that the integrity of our tax sys-tem also will be compromised.”1

• Nonprofits will be held accountable for demonstrating that theirmission, vision, and practices are consistent with their 501(c )(3)designation.

• Accreditation and reauthorization may be imposed on all nonprofitorganizations.


ch07_4386.qxd 2/10/05 10:16 AM Page 108

• The IRS will scrutinize Form 990s with greater vigilance. Com-missioner Everson testified that the Bush Administration authorizedfunding for more aggressive enforcement of nonprofit compliance.Commissioner Everson added that in the past, the IRS was reluctantto pursue nonprofits, but given the recent high-profile scandals, theIRS, with the blessing of the Administration, has toughened itsstance.

• Nonprofit boards, as the ultimate authority in a nonprofit organiza-tion, will be held accountable for the actions of the senior manage-ment and staff. Failure to provide assertive oversight will no longer betolerated.


organ i zat ional behav ior and Exh ib i t 7 . 1d ysfunct ion

Behavior Organizational Dysfunction

Senior management ignores directive Chain of command is compromised. Job of executive director (ED). descriptions and roles not clear. Failure to

impose significant consequences forignoring a superior.

Financial statements not produced on Internal controls lacking. Staff not held time or in a professional format. accountable for failing to meet deadlines.

Staff refuse to comply with directives Organizational culture does not support such as document retention policy. individual accountability. Management

does not reinforce accountability withconsequences.

Form 990s are never submitted on Board lax in holding management time—sometimes more than one year accountable for compliance with IRS passes before they are submitted. regulations.

No policy in place to track credit card Organizational culture supports naïve expenditures by staff and management. belief that staff and management would

not misappropriate funds. Lax tracking offinancials due to inattention.

Executive compensation packages are Board does not understand its governance never questioned by the board. role. Management may have endeavored to

“stack” the board with friends.

ch07_4386.qxd 2/10/05 10:16 AM Page 109

The changing regulatory atmosphere indicates that it isn’t a question ofif or when nonprofits will be under greater scrutiny—the time has alreadycome. Understanding your nonprofit’s organizational culture will be crucialin designing the strategies that you will need to employ to implement thesebest practices and move your nonprofit to a platinum operating standard.

Although we may be excited to begin a SOX best practices programwithin our nonprofit, often we need to work hard to bring others onboard. We might find it particularly difficult if we work in an organizationwhere senior management or the board often pursue the latest manage-ment craze only to drop it in a short time. SOX best practices is not a fad,but a way of working, thinking, and conducting business to actively reducethe potential for loss, damage, injury, or harm to the nonprofit’s goodname.

What can we do to adequately prepare the nonprofit’s staff, volunteers,and other stakeholders to learn about SOX best practices? More impor-tantly, what can we do to adopt SOX best practices in their daily work andinteraction at the nonprofit? The first thing we must do is intervene tomodify the nonprofit’s organizational culture.

Introducing Change

How can change be introduced? Real and lasting change begins with pro-viding these stakeholders with information that illustrates that SOX bestpractices need to be implemented immediately and permanently. In otherwords, people need to be given information that makes a compelling casefor changing their behavioral norms—immediately. The information pro-vided should be of such compelling nature that people understand that theonly acceptable option is to change current normative behavior to behav-ior that is consistent with new expectations.

Factors in Modifying Current Organizational Culture

Now that we understand a little about how organizational culture works,we can see that change emerges from information that plainly illustratesthat the current way of doing things isn’t working, and requires changes inreward structure, modeling desired behavior—from the top down—andenforcing new standards


ch07_4386.qxd 2/10/05 10:16 AM Page 110

It isn’t enough for a board chair to announce that the nonprofit is em-barking on a SOX best practices program, all of the stakeholders need tounderstand that this is not a passing fad, but a real and lasting change in theway things are done around the nonprofit, and what behaviors are and arenot tolerated.

Modeling the New Behavior: SOX Best Practices

How can this be accomplished? First, the board and senior managementneed to take steps to illustrate, perhaps repeatedly, that their behavior haschanged because of their commitment to adopt SOX best practices withinthe nonprofit. The board and senior management need to determine howto convey the basic principles of SOX best practices to the rest of the or-ganizational community, and how to influence a change in their on-the-job behaviors. The board and senior management need to examine theways in which the various stakeholder groups within the organizationlearn, and how the change to adopt a SOX best practices program can con-nect with their values as staff or volunteers within the organization. Pro-viding organizational stakeholders with meaningful SOX best practicesorientation and training, and having the new behaviors reinforced with ap-propriate incentives is a solid beginning to change the nonprofit’s organi-zational culture.

The nonprofit’s senior management has the opportunity to present theways in which the nonprofit will address SOX best practices, and the op-portunity to show his or her commitment to the process of SOX best prac-tices and to its outcomes. One of the most effective ways of “modelingnew behavior” is for the nonprofit’s senior management to discuss some ofthe ways in which they have adopted SOX best practices techniques andpractices. This is particularly instructive, as it illustrates how SOX bestpractices techniques and practices apply within nonprofit operations, anddemonstrates a commitment to SOX best practices.

The nonprofit’s management might also consider the technique knownas social marketing as a means by which informal leaders within the staff, vol-unteers, and other stakeholders promote SOX best practices techniquesand practices. Social marketing has a side benefit of providing practical il-lustration of how SOX best practices works within a distinct functionwithin the nonprofit, or how it works in a cross-disciplinary manner.

introducing change 111

ch07_4386.qxd 2/10/05 10:16 AM Page 111

Change is a scary thing for many people. Generally, the way in whichorganizational culture is reinforced is through the application of rewards fordesired behavior and the application of consequences for behavior thatneeds to be modified or extinguished.

The use of rewards and/or consequences in reinforcing the significanceof SOX best practices centers on the inclusion of a SOX best practices per-formance standard in every staff member’s performance standards for theupcoming year, or marking period. Staff and volunteers will need to meetor exceed expectations on this performance standard to qualify for salaryincreases or other rewards. However, the most visible means by which theimportance of SOX best practices can be demonstrated is by the change ofbehavior and/or focus by senior management and governance within thenonprofit.

Change Takes Time

Change in any organization takes time, but change does not mean waitingforever. Once the nonprofit’s staff, volunteers, and other stakeholders seethat SOX best practices is not a fad, not a glitzy trend, that it’s part of a bet-ter way of doing business—and that there are rewards for practicing SOXbest practices—they will begin to adapt it into their routine. The impor-tant thing is to keep presenting material to educate about SOX best prac-tices. Reinforcement of the message and illustration of how SOX bestpractices works in real life and the real-life benefits that it brings will bringabout lasting change.

Nonprofit Board Culture

As we illustrated in other chapters, there’s no substitute for a bad examplein terms of clarifying a point. All boards have some level of dysfunction(i.e., nobody’s perfect), but profoundly dysfunctional boards will presentthe greatest obstacle to any change—and will certainly deter the imple-mentation of SOX best practices. The heightened accountability that ischaracteristic of public expectations in the wake of the SOX legislation andscandals involving nonprofits should serve as a catalyst for change in anynonprofit board culture.

A prime example of a highly dysfunctional board was the former boardof the United Way of the National Capital Area (UWNCA). In March


ch07_4386.qxd 2/10/05 10:16 AM Page 112

2004, the former chief executive of the UWNCA, Oral Suer, pleadedguilty to two felony charges that he stole nearly $500,000 from the non-profit and its pension fund. In May 2004, Mr. Suer was sentenced to 27months in jail, ordered to pay $497,000 in restitution, and because he is nota U.S. citizen, he will probably be deported to his native Turkey uponcompletion of his sentence. Mr. Suer embezzled close to $1.2 million. Theresult on the organization’s fundraising has been devastating. In 2001, theUWNCA collected nearly $45 million in pledges. Published reports indi-cate that the UWNCA is about to enter a third year of record-low pledgeswith totals consisting of less than $21 million.

Published reports indicate that a forensic audit was conducted on theUWNCA books. Some of the key findings include:

• Inappropriate financial dealings had been going on since 1974. This pointsto an organizational culture that permits self-dealing and discouragesinternal controls. Management over several decades have permitted,and gotten away with, inappropriate financial dealings.

• Excessive executive compensation and lack of transparency had been chronicproblems. The board ignored, or was ignorant of, excessive executivecompensation. The lack of transparency could also have been the re-sult of reluctance on the part of regulatory agencies, such as the IRS,to actively monitor the Form 990s from this agency.

• Conflicts of interest existed within the board and senior staff. The leadershipof the former board appears to have been actively involved with sen-ior management in permitting financial irregularities based on a sharedset of conflicts of interest.

Lessons Learned from the United Way of the NationalCapital Area Scandal

Although the former board of the UWNCA took dysfunctional behaviorto spectacular heights, perhaps the most important lesson is that certaintwentieth-century governance models are lethal in today’s nonprofit en-vironment. At least one of these governance models advocated a hands-offapproach to governance, exhorting boards to stick to visioning and let thestaff handle the nonprofit operations. Boards were only to meet on a quar-terly basis, and were expected to deal with the nonprofit at an arm’slength.

nonprofit board culture 113

ch07_4386.qxd 2/10/05 10:16 AM Page 113

• The board of the UWNCA was enormous, and met infrequently.When the board did meet, the agenda consisted of superficial topics,and the effect was a feel-good session designed to promote cheer-leading rather than governance.

• The UWNCA’s board culture significantly contributed to the overallmismanagement of the agency primarily because they were too big andthe majority too disinterested in holding management accountable.The board’s decision-making appeared to be consolidated among theboard leadership. Certain board members had knowledge of senior staffwrongdoing but consistently failed to advise the rest of the board.

• Interaction among board members outside of the carefully controlledmeetings was virtually prohibited. Board members who requested acopy of the board roster were refused.

• As a means of diverting attention from the board members who ques-tioned financials, the board leadership subjected the questioners to ha-rassment and public humiliation, including charges of racism. Oneboard member who persistently raised questions and resisted board in-timidation was unceremoniously removed from the board. Boardmembers were vehemently chastised for talking to the media.

• Board culture actively suppressed meaningful dialogue betweenmembership and board officers/senior management. Board leader-ship abdicated their fiduciary obligations and accountability to theUWNCA’s senior management. Board agendas were staff-driven, andboard meetings contained little substantive discussion.

In the wake of the scandal, the agency has drastically reduced its staff, re-placed its entire board and senior management, and closed most of itsbranch locations.

Sources of Board Dysfunction

For some boards, one need only enter the room to feel the tension or seethe tension portrayed in body language. Other boards happily display theculture of the clueless cheerleader. Their board members, whose role isto cheer on the senior staff, blissfully arrive at the appointed time, andare entertained with cheerful, but empty, reports. Questions, if any, areshallow—and there’s always lots of time afterward for wine, cheese, and


ch07_4386.qxd 2/10/05 10:16 AM Page 114

schmoozing. The executive committee handles all of the substantive busi-ness—whatever the senior staff wants to allow them to know. Some boardspride themselves on claiming to never having any conflict, and support thisassertion by actively suppressing any questions or objections.

Exhibit 7.2 provides examples of the dysfunctional characteristics foundin boards, and the corresponding description of the board’s culture.


character ist ics of Exh ib i t 7 .2dysfunct ional boards

Board Dysfunction Description of Board Culture

Dominated by leadership who Board is a collection of primarily passive indi-bully and dominate members viduals who choose, for whatever reasons, to

tolerate being forced into accepting the currentleadership.

The board consists of passive Board members do not understand their respon-board members who have no sibilities and legal obligations. Board attitudes term limits or obligations, and are consistent Yogi Berra’s definition of ignorance, who deal with the organization “Ignorance isn’t what you don’t know; it’s what at an arm’s length. you know wrong.”

The executive director (ED) of The board is micromanaging. The culture of this the nonprofit fields at least six board is distrust of the senior management. phone calls a day from board Board members and their leadership do not members who want to be understand the governance role.updated on operational matters.

Board president, who has been Board culture is one of inertia. Some board the president for 20 years, is members have long-term social ties with each the nonprofit’s biggest donor. other and see their positions of power on the

board as appropriate “payback” for their level offinancial contribution.

Board has two tiers of member- This board’s culture emerges from an organi-ship. The upper tier consists of zation that is socially prominent, but has a socially prominent individuals constituency that demands to be represented with money and connections, despite the fact that there are few socially and the lower tier consists of prominent individuals within that constituency. members who are expected to The lower tier is expected to “pay their way” for be “worker bees.” being allowed on the board by contributing or

raising a stipulated sum each year, sitting onmultiple committees, and being assigned toprojects that are time and labor intensive.

(continues)

ch07_4386.qxd 2/10/05 10:16 AM Page 115

Symptoms of Board Dysfunction

Levels of board dysfunction vary depending on the board, but with anydysfunctional board, the following symptoms are common.

• Attendance at board meetings is uneven. Most meetings barely have aquorum. Having attendance issues suggests that board members eitherdon’t understand or don’t care about their governance obligations tothe nonprofit.

• Senior management runs the board meetings, and discussion is dominated bya few board members. The rest of the board does not take active part indiscussion and does not review materials. Effective boards are highlycollaborative groups. When it is clear that one or more board mem-bers are “opting out” of the action, this should be a red flag.


character ist ics of Exh ib i t 7 .2dysfunct ional boards (cont inued )

Board Dysfunction Description of Board Culture

The upper tier of the board is recruited from thatcity’s “high society,” and these board membersgenerally have no committee or project obliga-tions. They are simply expected to lend theirname to the organization and make significantfinancial contributions.

The board’s committee system This is the classic “rubber stamp” board. The produces no results. The board culture in this board is one that defers all power leadership is visibly passive to the senior management. Board members view and allows the senior staff to their role on the board as “feel good.”run the board.

Artistic director is the board This board is a variation on the classic “rubber chair, and his volunteer assistant stamp” board. In this example, the board is a is the second most powerful “checkbook” and “rubber stamp” board. The person in the organization. The difference here is that not only were board board chair routinely kept infor- members expected to be passive, they were mation that he refused to share also expected to make significant financial with the other board members. contributions.Board is window-dressing.

ch07_4386.qxd 2/10/05 10:16 AM Page 116

• The board meetings are highly choreographed, but the content of the agenda issuperficial, including endless reports by senior management. The meeting isa dog-and-pony show meant to convey the consistent message that“all is well—just let those of us in power handle it.” This scenario isparticularly dangerous because those in power are working to manip-ulate the agenda and the level of participation of the rest of the board.Even more troubling is that the rest of the board either does not un-derstand that, in their governance role, they are required to know whatis going on, or that they are expected to demand to be fully informed.

• Data is being suppressed or withheld by the executive committee. Does yourboard know how much the executive director makes? Does the boardknow what perquisites the executive director enjoys, or the details ofhis or her benefits package (e.g., pension, vacation time, and profes-sional development time)? Board members should not tolerate theright-to-privacy claim—the executive director is the board’s onlyemployee. Board members have the right to know everything an em-ployer would know about his or her employee.

• Conflict is suppressed, or endless conflict is used to block business from beingconducted. Behind this symptom is a small group of people who areworking hard to forward their own agenda by bullying, intimidating,or publicly humiliating those whose opinions differ. These individu-als will create gridlock until their agenda is fulfilled.

• The board does not have a vision or strategic plan for moving the nonprofitahead. Senior staff actively blocks strategic planning. If your boardand nonprofit does not know where it is headed, consider this a hugered flag.

• Board members have been in place for over five years. Does your board haveterm limits? Are the term limits enforced? It’s useless to have term lim-its if board members are permitted to remain on or have limitless re-appointments to the board. How many board members have been onthe board for more than five years? If the number is greater than two,you need to do some serious housecleaning and board recruitment.

• The board does not have directors’ and officers’ insurance and/or employmentpractices liability insurance. Boards that resist purchasing adequate insur-ance fail to take their responsibilities of care and loyalty seriously. Noone should ever join a board that is not adequately insured.


ch07_4386.qxd 2/10/05 10:16 AM Page 117

• Financial statements and documents are not presented in a professional format.Haphazard financial statements should signal the need for serious re-view of internal controls. Run to the phone and contact your auditorto request the name of a reputable bookkeeper/financial services con-sultant. Do not have your auditor assist you in this project.

• The auditor has provided the board with a written opinion and recommenda-tions following the annual audits. These management opinions indicatethose areas in your nonprofit’s financial workings that require im-mediate attention. Management and staff have ignored these stipula-tions over the years. Management’s failure to take necessary action tomitigate those deficiencies indicated by an auditor signal serious in-difference to their fiduciary obligation to the nonprofit. In today’senvironment of higher accountability, this omission could be di-rected back to the board.

• The board micromanages the senior staff. If the ED’s daily routine includesan excessive number of phone calls from board members, the non-profit has a problem. The board needs to understand what its legiti-mate role is in terms of governance and oversight.

• The board has difficulty recruiting members. Who are the members of thenominating committee? Does the board have a nominating commit-tee? Those individuals who were recruited but turned down boardmembership should be contacted on a confidential basis to providefeedback on the recruitment and interview process. If it appears thata serious problem exists in the process for recruiting board members,the board leadership might use a secret-shopper technique. The boardleadership might enlist the cooperation of a disinterested third party topose as a prospect for the board. This individual could, on a confi-dential basis, provide an objective perspective and useful recommen-dations for making membership on your board more attractive.

Factors That Contribute to Board Dysfunction

Board dysfunction is not simply the result of one issue or even one person.Generally, dysfunction reflects the confluence of a number of dysfunctionalfactors.

• The board does not understand its governance and fiduciary role in the non-profit. Board members have not been briefed regarding the legal stan-


ch07_4386.qxd 2/10/05 10:16 AM Page 118

dards of care, loyalty, and obedience. Their fiduciary obligations arenot clear, nor do they understand what “governance” means in termsof role and deliverables.

• Board members come to meetings unprepared to engage in meaningful discus-sion or decision-making. The board’s working paradigm could be one ofpassive acceptance of staff reports, or, like the United Way in Wash-ington DC, a cheerleading squad.

• The nonprofit’s organizational culture suppresses board participation becausethe board tolerates this behavior. Conversely, a board can attempt to mi-cromanage a nonprofit for many reasons, the most damaging beingdue to a past organizational crisis. The board feels obligated to directoperations because it still does not have confidence in the manage-ment team.

• Board members are recruited for their social status and financial resources. Thistype of means testing as a prerequisite for board membership givesboard members a sense of entitlement. Consequently, these boardmembers feel that making significant financial contributions is suffi-cient to meet board requirements.

• Board members have leveraged their donor status to secure a leadership role onthe board. In some, but not all, situations this can prove to be damag-ing to the board. Conversely, some board members become inter-ested in serving on the board because they have donated generouslyto a nonprofit. These individuals can prove to be good additions tothe board.

• Nonprofit management intentionally recruit passive individuals to establish awindow-dressing board, but do not orient the board on issues that might es-tablish an assertive board. The level of dysfunction comes from man-agement expectations that the board members will do as they areinstructed. The board never fully understands its governance role,nor does it understand that in today’s environment it can be heldcriminally liable for the nonprofit’s actions.

Transforming Board Culture: Ushering in a NewGovernance Paradigm

Board culture describes a microcosm of the nonprofit’s organizational cul-ture. The board culture has a shared set of values, decision-making models,


ch07_4386.qxd 2/10/05 10:16 AM Page 119

myths, legends, and beliefs that encompass the way in which a nonprofitboard conducts business. These values, beliefs, legends, and myths are thesubstance of the informal board orientation when board members coachnewcomers on “how things work around here.” Board culture is alsotransmitted through the type of behavior that is expected, or discouraged,within the board. These behavioral norms, such as attendance requirementsor minimum giving levels, further specify board values and beliefs.

Determine if the current board culture can sustain the movement to-ward SOX best practices. If not, then begin the process of transforming theboard culture—see the next section for recommendations.

The first step is to objectively review the effectiveness of your board.Review the credentials and skill sets that each board member presents. Arethese individuals the right mix for your nonprofit and its mission? Aretheir interest levels flagging? What progress has your board made in the pastyear toward your nonprofit’s strategic plan? Does your nonprofit have astrategic plan?

Strategies for Introducing Changein the Board Culture

Any type of organizational change can benefit from a jump-start. Hereare some recommendations to move your board toward a higher level ofproductivity.

• Talk with your auditor and your insurance professional. These advisors canprovide you with information on new laws, regulations, and industrystandards that can serve as a catalyst for change.

• Recruit at least three to five top-notch board members in the next six months.These individuals should present the types of skill sets that are cur-rently missing from the board. These individuals should be fully awarethat they have been recruited to assist you in the transformation of theboard.

• Introduce term limits or a plan to enforce current term limits. Establish an ad-visory council and board emeritus group without voting power.Eliminate dead wood or dysfunctional board members.

• Develop an agenda of deliverables based on traditional expectations and SOXbest practices.


ch07_4386.qxd 2/10/05 10:16 AM Page 120

• Establish priority areas for immediate action.

• Establish a core group within the board to develop a strategy toachieve the deliverables.

• Institute performance expectations (e.g., attendance, financial sup-port, funding, voting, and other behavioral norms).

• Begin the process to ensure that term limits are adopted or enforced. Transitionthose members whose time and welcome have run out to the advi-sory council and/or board emeritus group

• Institute a conflict of interest policy that includes an educational component.The educational component defines conflicts of interest, how to dis-close a conflict of interest, and how to address conflicts of interest inan appropriate manner—policy, protocols, and annual conflict of in-terest statements

• Take steps to ensure that board meetings are conducted in a business-like fash-ion. Establish a timed agenda, rules for discussion, and, if necessary,limited discussion time prior to taking a vote. Conversation is notpermitted to run on and thus obstruct the business that is slated forthat meeting.

• Board leadership and/or senior management should consider as-sertiveness training to actively deal with dysfunctional board membersand/or situations that arise.

Conclusion

As your nonprofit begins to make plans to incorporate the SOX best prac-tices, it is wise to consider the current cultural climate of the board and thenonprofit. If changes need to be made in the culture of either the board orthe nonprofit or both, now is the time to begin. Chapter 8 discusses waysin which your nonprofit’s internal controls can be evaluated and strength-ened. The current status of these internal controls can provide importantclues into your nonprofit’s organizational culture.

Endnote1. Mark W. Everson, testimony before the U.S. Senate Finance Committee, Washington,

DC, June 2004.

endnote 121

ch07_4386.qxd 2/10/05 10:16 AM Page 121

ch07_4386.qxd 2/10/05 10:16 AM Page 122

123

A Platinum Operating StandardStarts with Good Bones

It was a rainy Sunday evening. The dance studio of the Urban BalletCompany had long since closed for the day. Somehow, somewhere, thethieves gained entry. Were they strangers, or insiders? They scaled the wallof the dance studio and gained access to the ballet office in the loft abovethe studio. On the floor were boxes of recently donated new computerequipment. The server, located in a corner of the office, contained the fi-nancial data that was the lifeblood of the organization—including the creditcard numbers of its many donors. The thieves left with all of the computerequipment, including the server. The next morning the stunned staff couldnot believe their eyes. All of the computers and the server were gone!Then, even more devastating, was the realization that they had no backupfor their files and their donor records. They also realized that the donors’credit card numbers were compromised. They knew that these donorsneeded to be contacted, but how? The dance company went to the media,and the theft of the credit card information and computer equipment wasthe lead story on the 10 P.M. news. The dance company never recoveredfrom this burglary; it closed two years later.

SOX Best Practices: Moving to aPlatinum Operating Standard

Moving to a “platinum” operating standard represents a synergy of thenonprofit’s values (i.e., mission), operational efficiency, and regulatory

Chapter 8

ch08_4386.qxd 2/10/05 10:16 AM Page 123

compliance. Nonprofits pride themselves on their commitment to fulfillingtheir mission—and some see that as the end of the story. That’s a short-sighted approach in today’s business environment. Yes, nonprofits do oper-ate within a business environment—they compete for revenue in the formof funding and customers (i.e., clients and donors). Moreover, the metaphorof the “invisible hand of competition” made famous by eighteenth-centuryeconomist Adam Smith affects nonprofits as well as private sector corpora-tions. The difference between nonprofits and their private sector counter-parts primarily appears to be in the organizational mindset. Corporationsunderstand and accept that they operate within a highly competitive envi-ronment and that they are expected to conduct operations in a business-likefashion. Some nonprofits have not realized this.

Many nonprofits often fail to understand that in order to compete,they must enter the competitive arena as fully established organizations.Restrictive mindsets such as the “Mom and Pop,” “poverty,” or “we’resmall” do a disservice to a nonprofit’s clients, donors, staff, and the com-munity. The time has come for many in the nonprofit world to competefor resources as fully mature, fully competent organizations—regardless oforganizational size! To that end, this chapter discusses the steps that anorganization must take to move from an ordinary standard to a “platinumstandard.”

Often, mission-driven and grassroots organizations tend to de-emphasizeorganizational infrastructure while focusing on programs or fundraising.Some have even reached the point where fundraising is the most importantventure, as the organization is living hand to mouth. Frequently, the boardsof these organizations are donors or members of the community who havebeen associated for decades with the organization. One nonprofit, whoseaffiliation with a world-renowned charity should have resulted in sustainedgrowth, stalled in its development because its board was populated with itsfounder’s friends and board appointees handpicked by the founder. Theboard president, who was the nonprofit’s largest donor, felt entitled tokeep the job for over 20 years. The chair of the finance committee was anemployee of the nonprofit’s financial institution, which created a conflictof interest, or at least the appearance of one. A new executive director,who had twenty-first-century ideas and stellar nonprofit management ex-perience, was stymied at every turn by this board, which initially claimedto never have conflicts.

124 chapter 8 a platinum operating standard

ch08_4386.qxd 2/10/05 10:16 AM Page 124

An even more spectacular example of a grassroots organization’squandary comes in the form of a financial scandal at a local watchdoggroup. Published reports indicated that independent auditors determinedthat a half million dollars was unaccounted for primarily through “poorbookkeeping, administrative failure or theft . . . .” At the heart of the fi-nancial irregularities was the practice of making questionable loans toemployees and board members, including the board treasurer. Virtuallynone of these loans was repaid. The newspaper account1 indicated thatmaking loans of this type was a longtime practice. In defense of this loanpractice, the ousted ED claimed, “In organizations that work withpoverty, there is often the need to take these types of emergency meas-ures.” Clearly, there is no justification for loans to employees or boardmembers under any circumstances. Using the spurious claim that his or-ganization was “working with poverty,” the former ED insinuated that a“poverty mentality” is justification for subverting donor funds. No, it’snot! There is never any justification for betraying the trust of the com-munity to satisfy the monetary desires of board or staff. If your nonprofitis operating in a “poverty mentality,” the time has come to summon thecourage to make a dramatic change before your organization’s slipshodoperations make the front page of your city’s newspaper or becomes thelead story on the 10 P.M. news.

What Are PlatinumOperating Standards?

Nonprofits that adopt a platinum operating standard recognize that regu-latory legislation is not necessarily just an attempt by the public sector to in-trude on its operation. Legislation such as SOX is intended to introduce,admittedly by requirement, those practices that should have been in placeall along. The employees, shareholders, and creditors of Enron, ArthurAndersen, WorldCom, and the UWNCA would be much happier, andmore solvent, today if those organizations had embraced what we call theSOX best practices. Nonprofits committed to moving their operations toa platinum standard recognize that to grow and thrive, they have to be thebest that they can be. This means that all of their systems and internal con-trols have to be functional, seamless, and in compliance with regulationsand industry best practices. Yes, there is a nonprofit industry—just look at

what are platinum operating standards? 125

ch08_4386.qxd 2/10/05 10:16 AM Page 125

all of the conferences, books, journals, and other products targeting thenonprofit world. Nonprofits make up a substantial portion of the U.S.economy, and the number of nonprofits is growing.

Nonprofits with platinum operating standards have the followingcharacteristics:




• Better competitive positioning by making known that the nonprofitadheres to the SOX platinum standard in its operating practices


Review of Internal Controls

The initial steps in moving toward a platinum operating standard beginwith incorporating SOX best practices into the nonprofit’s day-to-day op-erations and conducting a review of the nonprofit’s internal controls. A re-view of internal controls is designed to take a current reading of yournonprofit’s infrastructure to determine those areas that need attention andupgrade. The extent to which the internal controls in your organizationneed upgrading and the importance of the individual functions to yournonprofit’s operations will determine the sequencing schedule for these ac-tivities. The important issue in this process is the recognition that your or-ganization will not be able to fully adopt the SOX best practices unlessyour infrastructure is positioned to make it happen. The best software inthe world will not enhance your computer’s ability to perform unless thehardware has been properly configured. The same logic applies for adopt-ing SOX best practices.


ch08_4386.qxd 2/10/05 10:16 AM Page 126

SOX Best Practices

SOX best practices are designed to enhance the completeness and reliabil-ity of your nonprofit’s internal operations, and ensure that the organizationis in regulatory compliance. To review, SOX best practices include:

• Whistleblower protection policy

• Document retention and storage policy, which includes a prohibitionintended to bar destruction of documents during an investigation

• Audit committee whose role is to oversee the annual audit or finan-cial review (for small nonprofits) and to upgrade the financial literacyof the board

• Enhanced detail and accuracy in the preparation of IRS Form 990

• Conflict of interest policy and code of ethics that facilitates greaterfocus on decision-making for the good of the nonprofit

• Internal controls, particularly as these relate to financial operations,and compliance with all laws and regulations at the federal, state, andlocal levels

In many nonprofits, two of the most prominent areas of operations arefinance and document retention. These areas garner significant attentionbecause the way in which reports are developed and documents retainedcan indicate how honest the nonprofit is in conducting its operations,and how committed it is to transparency and full disclosure. Documentssuch as Form 990 are among the new ways of fully disclosing financial op-erations and position to the public. Form 990 is not just for tax reportinganymore. The public has easy access to Form 990s online through organi-zations such as GuideStar. Using an organization’s Form 990, interestedparties can track the sources and uses of funds. A Form 990 can also indi-cate that all major transactions comply with other SOX expectations, suchas avoidance of even the appearance of a conflict of interest.

The nonprofit’s commitment to adopting and maintaining SOX bestpractices can be demonstrated in a review of internal controls. The processand outcomes can be used to measure the progress that your nonprofit hasmade in the development of the platinum standard. Compliance cannotsimply be a rote operation; it must be demonstrated that the commitmentto excellence transcends all levels of the organization and is evident in all

review of internal controls 127

ch08_4386.qxd 2/10/05 10:16 AM Page 127

of the operational systems and in the symbiotic relationship that existsamong the various systems within the organization.

How to Conduct a Review of Internal Controls

The internal controls of your organization should work in the same fash-ion as the organs, pulmonary, nerve, and endocrine systems work in thehuman body. The synergy and interdependence of these systems are whatkeep a person alive and healthy. The dysfunction of one ripples out to af-fect all of the others. In the same way, it is imperative to take a readingof your organization’s internal health by means of a review of internalcontrols. This is not solely a financial audit, although financial systems areincluded, but an examination of all of the systems within your organiza-tion—from human resources to vendor selection, to document preserva-tion to operations, to landscaping and facilities maintenance.

The review of internal controls should center on the following func-tional areas:

Financial Operations The examination of the systems and proceduresassociated with finance and financial operations is a primary element of thereview of internal controls. The review of internal controls is differentfrom the organization’s annual financial audit, as the review of internalcontrols examines how financial operations are conducted, how transpar-ent these operations are, and the relationship among the various other op-erational systems within the nonprofit. The review of internal controlsshould determine if the following procedures are in place:

• Processing incoming checks

• Preparing bank deposits

• Reconciling of bank statements

• Disbursing cash and checks. A procedure should be in place to documentthese disbursements and have corresponding invoices or receipts foreach transaction.

• Recording transactions

• Actively monitoring credit cards and vendor accounts to ensureaccuracy

• A system for the confidential reporting of waste, fraud, and abuse


ch08_4386.qxd 2/10/05 10:16 AM Page 128

There should be more than one person handling the financial transac-tions. This can be achieved by having the nonprofit’s controller work di-rectly with the board treasurer to ensure adequate oversight.

Audits and the Audit Committee Internal controls can also bestrengthened by having an audit committee in place to ensure that the an-nual audit is conducted and reviewed in a thorough manner. The proce-dures listed previously are simply a start. The audit committee can serve anadditional purpose in providing guidance and direction in terms of mov-ing the financial function to a platinum standard.

As mentioned in Chapter 2, external auditors can no longer provideadditional services such as bookkeeping or consulting. If your nonprofithas had the same auditor for over four years, you need to begin lookingfor a new auditor, or have a new partner in the auditing firm take overyour nonprofit’s audit. If a partner from the same auditing firm is used,this needs to be disclosed in writing along with the reason for continuingwith the same auditing firm. The auditing committee should consist ofboard members and external financial experts. Everyone on the commit-tee needs to be fully independent—in other words, not on your non-profit’s payroll.

The audit committee is obligated to review the auditor’s managementletter and develop directives to address all of the issues that were raised inthis important letter. Rectifying those problems identified in the auditor’smanagement letter should be the first priority for the nonprofit’s board andsenior management.

Development and Fundraising In Chapter 1 we reviewed the provi-sions of California’s new Nonprofit Integrity Act along with a number of rec-ommendations that the Senate Finance Committee staff proposed in termsof nonprofits and fundraising. Because of widespread abuses in this area,fundraising activities have come to the attention of federal and state law-makers. An effective review of internal controls takes a hard look at theway in which fundraising is conducted in your nonprofit.

• Documents related to donor files and donor history. Document retention,storage, and security are important SOX best practices. Access todonor records should be carefully considered. All employees and


ch08_4386.qxd 2/10/05 10:16 AM Page 129

volunteers who have access to donor records need to be briefed onsecurity and confidentiality issues. Strict guidelines need to be en-forced to ensure donor privacy and that sensitive information is notcompromised.

• Privacy issues. Donor privacy is one of the most important elements ofthe development and fundraising function. Documents related todonor privacy include correspondence to and from donors, and doc-uments such as those providing or declining authorization to use thedonor’s name. Mailing lists are also confidential and should have lim-ited access.

• Vendor contracts. Does your nonprofit have contracts with vendorssuch as telemarketing vendors, or vendors who process donated vehi-cles? If so, review the contract and other materials to ensure that yournonprofit has conducted a due diligence review of the vendor. Ifyour nonprofit is in California, you will need to ensure that the ven-dor is properly registered with the state.

The review of internal controls should determine if the following pro-cedures are in place:

• Donor files are secured at all times. Electronic databases need to bepassword protected. Only authorized individuals should have accessto donor files.

• Donor files and databases should be backed up on a daily basis. Thebackup should ideally be uploaded to a secure Web site; however, anytapes or CDs should be taken off site for safekeeping.

• Donors should be asked for permission to print their names on thenonprofit’s materials.

• Donors should be offered the option to opt out of mailings, telephonesolicitations, and mails.

• All staff associated with development or fundraising should bescreened and trained to ensure that donor privacy is maintained.

• Fundraising vendors should be carefully investigated to ensure thatyour nonprofit’s interests are preserved, and that your nonprofit re-ceives appropriate compensation per the terms of the contract.


ch08_4386.qxd 2/10/05 10:16 AM Page 130

Document Retention, Archiving, and Retrieval Document storageand retention within Sarbanes-Oxley that applies to all organizations. Chap-ter 5 discussed document retention, and Appendix C provides a sample ofa document retention policy and recommendations for its implementation.

Key areas for consideration in document retention include:


• Are the documents paper-only, or are electronic files included?Which ones?

• What about e-mail and instant messaging?

• What are the expectations about the way in which documents arestored or archived and the ability to retrieve documents?

• How long are various categories of documents to be kept in storage?

• Is there a protocol for disposing of documents once their storage timehas elapsed?

• When should documents not be destroyed?

• How can you make sure that everyone in the nonprofit understandsand adheres to these requirements?

Human Resources The essential systems in your nonprofit’s HumanResource division includes files related to hiring, retention, and work his-tory of both employees and volunteers. These files need to be preserved incompliance with your document retention system.

Other aspects of HR include procedures and protocols for hiring, su-pervision, termination, compliance with Family and Medical Leave Act,anti-discrimination legislation, Workers Compensation claims and legisla-tion, HIPPA, and GLIB privacy legislation. If necessary, include a policythat prohibits staff and volunteers from engaging in activities that wouldjeopardize your nonprofit’s 501(c )(3) status.

The HR policies should additionally include conflict of interest proto-cols for board, senior management, staff, and volunteers. All employees andvolunteers, regardless of position, should be required to sign a conflict ofinterest statement on an annual basis, if for no other reason than to affirmthat they have no associations or business interests that would create a con-flict of interest.


ch08_4386.qxd 2/10/05 10:16 AM Page 131

Whistleblower Protection The second obligation from Sarbanes-Oxleythat applies to all organizations is the requirement for a documentedwhistleblower protection policy. The policy was discussed in Chapter 5,and a sample whistleblower policy is in Appendix B.

Programs and Operations Within the heading “Programs and Opera-tions,” the nonprofit can have a variety of systems—from client eligibilityto office operations to donor management and fundraising. Ensuring thesafety and privacy of clients is central to preserving the nonprofit’s mission.

Client Files and Privacy Issues Examine the intake process for newclients. Is the data collected only that which is necessary and sufficient?Similarly, client privacy is often contingent upon how easy it is to accessclient records. The following questions help to ensure appropriate access toclient records either in hard copy or electronically:

• How are staff cleared for access to client files? Procedures should be in placeto authorize staff for access to client files and for removing theauthorization.

• Are protocols in place for handling the materials? Staff/volunteers shouldnot be permitted to leave a client’s file open on a computer screen.Staff must log out if leaving the desk/cubicle. All client files should bepassword-protected.

• Does the nonprofit work with vulnerable clients? If so, procedures need tobe in place that describe how the clients are evaluated to determinethe appropriate services or medical treatment. Are the client’s care-givers involved in the intake process and service delivery? If so, theclient’s caregiver(s) should complete a form stating preferences forservice delivery, medical information (if appropriate), and contactinformation.

• Do caregivers have information on the process for filing a complaint or griev-ance about the service or about a staff member behaving inappropriately? Thecaregiver should also understand the steps that will need to be takenin the investigation and the types of information that he or she will beasked to provide.


ch08_4386.qxd 2/10/05 10:16 AM Page 132

Conducting the Review ofInternal Controls

Step 1

The first step in conducting a review of internal controls is to reviewthe current practices in each of the nonprofit’s functional areas. The dis-cussion in the previous section outlined some commonly found operationalareas within nonprofits. Identify the procedures that are currently in place.In Appendix I, you will find sample documents for a review of internalcontrols.

Step 2

It is important to document the SOX best practices that you have in place.You should collect proof that your organization complies with the bestpractices. Examples of proof of SOX best practices compliance include, butare not limited to, reports, written policies and procedures, enforcementprocedures, documentation from third parties such as an accrediting entityor an insurance company that your nonprofit has implemented these prac-tices, annual reports, Form 990, and audits or annual financial reviewssigned by a CPA or other financial expert.

Step 3

Assemble the examples of proof of SOX best practices compliance and/orappropriate internal controls, which include but are not limited to:

• Financial reports

• Written policies and procedures

• Proof that these have been enforced—enforcement procedures

• Documentation from third parties (e.g., accrediting entities or insur-ance company) that your nonprofit has implemented these policies

• Annual reports

• Form 990s (completed correctly)

• Audits and/or annual financial reviews signed by a CPA or other fi-nancial expert

conducting the review of internal controls 133

ch08_4386.qxd 2/10/05 10:16 AM Page 133

Step 4

If you are unable to identify a system that corresponds to a SOX best prac-tice, or identify a means that provides proof, take these steps:

1. Identify the types of proof needed. Could it be a report, a set of poli-cies and procedures, a written review, or action in the board minutes?

2. Identify the steps needed to develop the proof or set of procedures.

3. Develop time lines for obtaining the materials and names of indi-viduals responsible for meeting deadlines.

Content and Structure ofthe Review of InternalControls Report

Introduction

The introduction is a statement from the board and senior managementand explains why the audit is taking place and the expected deliverablesfrom the audit systems. For each department, provide a brief description ofeach of the protocols, procedures, and/or systems in comparison with rec-ommended internal controls and SOX best practices and expectations. Thefollowing areas are examples of departments:

• Finance

• Document retention

• HR

• Operations

• Governance

• Other areas of the nonprofit

Next Steps

The discussion in this section addresses remedial action to upgrade currentoperational systems to be consistent with SOX best practices. It is impor-tant to clearly identify deliverables.


ch08_4386.qxd 2/10/05 10:16 AM Page 134

Time Line

Establish a reasonable time line to address the deliverables identified in theprevious section. Decide what you would be able to accomplish in:

• One month

• Three months

• Six months

Set a deadline for completing all of the systems/proof 10 months fromthe start of the project. Remember, the longer timeframe you give your-self, the more chance that the project will be become lost in the everydayshuffle of operations. Book a “look back” date (at the end of 10 months)to determine if further work is needed.

Conclusion

Moving toward a platinum operating standard necessitates that the non-profit’s internal controls are first rate. SOX best practices can serve as a cat-alyst to examine the rest of the nonprofit’s controls and make the necessaryupgrades to operational policies and procedures.

Endnote1. Chip Johnson, “Watching the Police’s Watchdogs,” San Francisco Cronicle (August 13,

2004).

endnote 135

ch08_4386.qxd 2/10/05 10:16 AM Page 135

ch08_4386.qxd 2/10/05 10:16 AM Page 136

137

Creating a CompetitiveAdvantage: LeveragingSOX Best Practices

“The time is not ripe to make any public statements. Given the manyoptions [for reorganization], I am extremely confident that the services thenonprofit sector has been relying on for [27] years will continue,” saidthe ED of an almost three decades’ old West Coast nonprofit clearinghouse.The local newspaper had just broken the story of fiscal mismanagement ata nonprofit organization that, ironically, was in business to help nonprofitsmanage their organizations more efficiently.1

Despite his lengthy career in working with nonprofits, the ED’s reactionhighlighted a glaring deficiency in his ability to deal effectively with themedia. Five months after his haughty pronouncement, the ED was forcedto again deal with the media—this time to announce the closure of theclearinghouse.

Community observers attributed the clearinghouse’s problems to morethan just a sluggish economy and increased competition. They suggestedthat the crisis scenario was probably hastened by management errors ofjudgment. “I think the blame must lie somewhere in the building,” saidone observer, “They are not doing what they teach.”2

What a condemnation! Would your nonprofit be able to rebound fromthis type of public denunciation?

Chapter 9

ch09_4386.qxd 2/10/05 10:17 AM Page 137

Competitive Advantages of Beingin Compliance with Sarbanes-OxleyBest Practices

Here are some ways in which SOX best practices can save your nonprofitmoney, time, and, most importantly, preserve your nonprofit’s good name:

• Incorporating the best practices reduces the potential that your nonprofit will ex-perience a financial or other type of scandal. The ensuing adverse publicitythat follows a scandal can have either an immediately devastatingeffect—as was the case with the west coast clearinghouse—or a rippleeffect that can last for years. For example, the crisis in the United Wayof the National Capital Area was responsible for a significant drop inagency donations, and was the grounds for being dropped as the fis-cal agent for the Combined Federal Campaign in the WashingtonDC Metro area.

• By implementing SOX best practices right now your nonprofit can save timeand money. Although your nonprofit may not be affected by state law,the two provisions of SOX apply to all nonprofits. If the Senate FinanceCommittee accepts the recommendations in the staff paper, yournonprofit may be required to adopt these best practices within a veryshort timeframe.

• Similarly, it is easy to leverage the adaptation of SOX best practices into doc-uments such as a risk management plan and a business continuity plan. Theinstructions for these documents are presented later in the chapter.Your nonprofit’s insurance professional will want to also leveragethese documents and your adaptation of SOX best practices to obtaininsurance coverage at competitive pricing.

• Implementing SOX beust practices can help your organization sur-vive crises. Policies such as document preservation can be vital inhelping your nonprofit get through potential crisis scenarios such ashaving the IRS ask for a document, or having to produce documentsin the event of litigation.

• Your nonprofit will be better positioned in a crisis to conduct itself in a man-ner that inspires public trust. The nonprofit “clearinghouse” in the storyat the beginning of the chapter might very well have negotiated a

138 chapter 9 creating a competitive advantage

ch09_4386.qxd 2/10/05 10:17 AM Page 138

merger with another similar organization, but was clearly at a disad-vantage due to many factors, including its clumsy media handling.

• Two components of SOX are already in place and required of all organiza-tions. Your nonprofit has no excuse for not having a whistleblowerpolicy and a document preservation policy in place.

• If your nonprofit is in California, state law now applies (see Chapter 1).Having SOX best practices in place is helpful to ensure compliancewith this new law.

• SOX best practices build strong organizational bones. Having internal con-trols and solid organizational infrastructure is essential for growth andmaintaining stature within the nonprofit sector. Like strong bones inhuman beings, organizations can better sustain the challenges of doingbusiness if their infrastructure is solid.

• Time is of the essence. Your nonprofit is putting these best practices inplace while the rest of the nonprofit world is either in denial, clueless,whining, or—in the case of the nonprofit clearinghouse in the storyat the beginning of the chapter—out of business!

• These best practices result in the following organizational deliverables:

• A strong and active board that is focused on its governance andfiduciary obligations

• Board members who have the requisite skill sets for their role, in-cluding financial literacy

• Best practices facilitate effective board recruitment and orientationpractices.

• Best practices support accountability of senior management andthe board. The board and the senior management understand theirroles and obligations.

• Best practices result in financials that are accurate and honestly re-flect the nonprofit’s financial position.

• Best practices result in correctly prepared IRS Form 990s, whichare submitted on time and in compliance with other regulatoryconditions.

• Developing a document retention system results in an organized

competitive advantages of being in compliance 139

ch09_4386.qxd 2/10/05 10:17 AM Page 139

filing system that preserves files and has a storage/archive systemthat supports easy access and retrieval.

• Best practices point toward the development of robust policies onissues such as conflict of interest, whistleblower protection, andself-dealing.

• The best practices support the design of and adherence to a codeof ethics that is signed off on by board and senior management.

The primary issues in SOX best practices are accountability and trans-parency. Identify the steps that your board and senior management havetaken to address the SOX best practices, and connect these steps to yournonprofit’s mission. Keeping your nonprofit strong and accountablemeans that your nonprofit’s board and operational transactions need to betransparent.

Leveraging Best Practices: Marketing Strategies

A number of stakeholders would be interested to know that your nonprofithas adopted SOX best practices. These constituencies include:

• The IRS. In Chapter 4, we discussed how your next Form 990 can becompleted to indicate that your nonprofit took steps to come in com-pliance with the two compulsory areas within SOX (whistleblowerprotection and document preservation), and took steps to adopt gov-ernance and management best practices that emerged from the othercomponents of the legislation.

• Nonprofit information sources such as Philanthropic Research, Inc. (i.e.,GuideStar, www.guidestar.org) is one of a number of sources of infor-mation about nonprofit organizations. Many donors and grant mak-ers search GuideStar before making their funding decisions. IRSForm 990s are published on the GuideStar Web page. It is importantfor your nonprofit to use the opportunity that the GuideStar profileand the profiles used in other databases to get the message out thatyour board and senior management have taken steps to ensure yournonprofit’s credibility and accountability.


ch09_4386.qxd 2/10/05 10:17 AM Page 140

Caut ion !

Be aware that your nonprofit’s Form 990 will be posted to thewww.guidestar.org Web site. Although Form 990s contain informationon major donors, this information is exempt from being posted on theInternet for obvious security reasons. However, it is important for youto check your nonprofit’s listing and 990 posting. Don’t just ignore itas one unsuspecting nonprofit executive director did. This nonprofitwas a very high-profile organization with equally high-profile, “high so-ciety” major donors. The ED did not bother to check his nonprofit’sForm 990 posting. Due to a clerical error, the major donor page wasposted on the Web—along with the names, home addresses, and do-nation levels of the nonprofit’s high-society major donors. This wasbrought to the horrified ED’s attention by his auditor.


• Your insurance professional. Your insurance professional will be pleasedto hear that your nonprofit is an early adapter of SOX best practices.He or she can use any of the marketing materials and the risk man-agement and business continuity plans (see how to do that in the nextsection) that you have generated around this topic as a means ofdemonstrating to the underwriter(s) handling your coverage that yournonprofit is committed to responsible governance and management.

• Your auditor. Your nonprofit’s auditor should be briefed on the adap-tation of SOX best practices. The auditor will be interested in all ofthe best practices, particularly those practices related to adopting aconflict of interest policy. The issue of conflict of interest is particu-larly troublesome to many nonprofit boards.

• Major donors and other funding sources such as foundations or public sec-tor partners would be interested in hearing that your nonprofit is anearly adopter of the SOX best practices. Many nonprofits have specialevents that serve as a means of briefing major donors on new devel-opments within the nonprofit. These events offer an opportunity foryou to brief donors about how the SOX legislation has raised thebar of accountability for all organizations, not just those that are pub-licly traded. If your state has recently passed SOX clone legislation

ch09_4386.qxd 2/10/05 10:17 AM Page 141

targeting nonprofits (or is considering such legislation), you will beable to tell your donor constituency that your nonprofit took a proac-tive stance in implementing accountability standards. This type ofbriefing is an excellent means of educating this audience about howSOX best practices serve to safeguard the nonprofit, and hence, theirinvestment (i.e., donation) in the organization.

Proposals that you craft in response to a foundation or other fun-der’s request for proposal (RFP) present additional opportunities topoint out (and offer specifics) that your nonprofit has taken steps toadopt the SOX best practices. Providing a level of detail that ad-dresses what is necessary and sufficient can serve to illustrate to thepotential funder that your nonprofit is a good steward of its missionand assets—and is likely to take the same vigilant approach in usingthe funder’s resources.

• Current and potential board members should be made aware of the steps thatthe nonprofit has taken to adopt SOX best practices. Include informationon SOX best practices in all of your board meetings and provide theboard with regular progress reports and recommendations for keepingup the momentum.

Recruiting high-quality board members is a task that nonprofits arefinding increasingly difficult. Potential board members will be inter-ested in learning that the nonprofit has taken steps to solidify its in-ternal controls and boost its commitment to remaining accountable toits mission, clients, donors, and the community at large.

Board orientations should also include a detailed description of theSOX best practices adopted by your nonprofit’s board. Although theboard orientation addresses a wide range of topics, it is important toensure that all board members understand what the SOX best prac-tices are and why they are essential to remaining faithful to the board’sthree legal standards: care, loyalty, and obedience. Each best practiceshould be described in detail that explains its role and function inkeeping the nonprofit’s operations transparent.

The conflict of interest policy and the code of ethics should be ex-amined in greater detail to explain these policies to new and currentboard members. Board members should understand what is expectedof them and why it is essential for the board and senior management


ch09_4386.qxd 2/10/05 10:17 AM Page 142

to adhere to the conflict of interest policy and the code of ethics. Pro-viding board members with sample conflict of interest statements andreviewing policy documents will serve to reinforce the message. An-other way of clarifying expectations would be to have a member ofthe board provide an example of his or her “conflict of interest let-ter,” which may or may not have any “disclosures.”

Examples of how a board member may use the code of ethics as aresource for decision-making are particularly important. Both theconflict of interest policy and the code of ethics are intended to betools for effective decision-making. The board orientation is one ofthe occasions in which the best practices can be illustrated as rubricsfor responsible governance. Board meetings, board retreats, and otherworking meetings present opportunities to remind members aboutthe nonprofit’s commitment to transparency.

• Current and potential staff and volunteers SOX best practices will help to en-sure that all staff and volunteers are trained in a standardized manner andwill be held accountable for compliance with these best practices. Keep em-ployees and volunteers informed about your nonprofit’s commit-ment to adopting SOX best practices. Offer incentives for staff andvolunteers to suggest ways in which best practices can be maintainedor streamlined.

• Your nonprofit’s Web site. Let the world know! Your nonprofit’s doc-uments and reports—including financial reports, Form 990s (but notthe major donor page), by-laws, conflict of interest policy, and codeof ethics—can be available for review by linking them to the organi-zation’s Web site.

Make it known through your nonprofit’s marketing materials,Web site, and advertising that your nonprofit adheres to a platinumstandard in its operating practices. Your nonprofit is required by lawto provide a copy of its IRS Form 990 to whomever requests this in-formation. Posting the Form 990 on your nonprofit’s Web site is ameans of ensuring transparency and saving the time and materials in-volved in sending out the information. However, be careful not tomake the mistake that the ED with the high-society donors did. Oncematerials are posted, go back into the Web site immediately to checkon what viewers would see.


ch09_4386.qxd 2/10/05 10:17 AM Page 143

Leveraging Best Practices to Create Risk Management andBusiness Continuity Plans

SOX best practices establishes a benchmark for a rational and productiveorganizational response to crisis events—whether that comes in the formof a hurricane, earthquake, flood, fire, loss of a key member of the staff, anaccident involving staff, clients, or volunteers, or other crisis scenarios. In-vestigations will be more productive and authentic because the relevantdocuments and files will be retrieved as requested, and a no-destroy policywill be in place until the investigation is completed. The plans will ensurethat protocols are in place to make certain that the nonprofit remains incompliance with SOX and nonprofit “industry standards” and addressesfuture standards. The next sections discuss how to use the best practices tostreamline the creation of a risk management program and a business con-tinuity plan.

What Is Risk Management and What Does It Have to Do with SOXBest Practices? Risk management is the means by which nonprofit or-ganizations can identify, assess, and control risks that may be present withintheir nonprofit’s infrastructure or within its operations. SOX best practiceshave a value added as the means by which risks associated with fiduciaryobligations, legal compliance, board governance, and other areas are miti-gated. Some examples of the ways in which SOX best practices can miti-gate risk are listed in Exhibit 9.1.

Profile of Your Nonprofit Before you begin working on the risk manage-ment program, develop a very brief profile of your nonprofit, with em-phasis on the SOX best practices that have been adopted. You will see thatthese practices will serve to frame the areas in the risk assessment that mightneed additional attention, and will be helpful in identifying those opera-tional areas that do not require additional attention. Sharing the profile ofyour nonprofit with your insurance professional can be a practical methodfor putting the plan into perspective.

Risk Management Activities Three primary risk management activities arerisk assessment, risk management implementation, and risk administrationand monitoring.


ch09_4386.qxd 2/10/05 10:17 AM Page 144

1. Risk assessment. Risk assessment is the step that determines whatrisks are present in the nonprofit and the potential severity these risksmight bring. Important! As you examine each of these organiza-tional areas for potential risks, do not attempt to make an exhaustivelist. Concentrate on those risks that appear to be particularly trou-blesome, or risk areas that have already caused accidents, injuries, orother adverse effects. Because risk management is an ongoingprocess, those risks that are not addressed this year (or in this round)will be addressed in subsequent rounds.

Here are the steps to develop a risk assessment report:

1. List the risks that you have identified to this point. Your list shouldcontain 10 to 12 risks—three or four from each of the four or-ganizational components: governance, staffing, operations, andrelations with the public.


Exh ib i t 9 . 1 ways to m i t igate r isk

Nonprofit Functional

Division Sample Risk Areas SOX Best Practice

Board-Governance Fiduciary risk—failing to Financial literacy—board

Policies and procedures recognize mismanagement responsible for reading

that guide how the and understanding

organization operates financials

Staffing (paid and Claim of retaliatory Whistleblower protection volunteer) termination policy

Those activities related to staffing

Operations Documents shredded as Policy in place for

Programs and services part of a cover-up of document preservation

offered wrongdoing and archiving. Policy toprohibit destruction ofdocuments during aninvestigation. Closersupervision.

Relations with the public Allegations of financial Form 990 prepared

Public image and mismanagement correctly. Financial

reputation in the documents certified to be

nonprofit community accurate.

ch09_4386.qxd 2/10/05 10:17 AM Page 145

2. Identify which of the techniques for treating risk would apply to eachrisk. Sometimes, more than one technique will apply. It’s OK toblend approaches as long as these approaches do not contradict,or create confusion on how the risk is to be treated. Becausethree of the four risk management techniques are not necessar-ily mutually exclusive, you can choose to use more than onetechnique. Obviously, if you choose “avoidance” as a tech-nique, that’s the end of the activity. For any given risk, you canchoose to modify the conditions that relate to the risk, you cantransfer the risk to some extent by purchasing insurance, and youcan retain part of the risk by having a relatively high insurancedeductible. Remember, however, that when you choose ahigher deductible, you need to ensure that sufficient funds arealways available to cover the deductible in the event of an in-sured loss. If you choose to transfer the risk and purchase insur-ance, you must also be aware of the conditions of coverage, andthe exclusions. There are some standard exclusions for propertyinsurance, such as flood, war, and civil unrest. Other types of fi-nancial losses are not covered because they are uninsurable.

3. Assign individuals or groups to carry out the action items that will com-plete this year’s risk management program. Remember, risk man-agement should be part of everyone’s performance expectations.The action items should also include risk management activitiesfor every division within the nonprofit.

4. Begin to develop a list of risks for the second round (next year) of the riskmanagement process. The risks in the next round are usually risksidentified initially, but not selected for the first round. Thesetiers of risks and the identified techniques for dealing with eachrisk will serve as the foundation for developing your risk man-agement program.

2. Risk management implementation. Start by listing all of the SOX bestpractices and compliance activities that your nonprofit has done.This is an important method of demonstrating that your nonprofithas implemented sound risk management strategies in each of theseareas.


ch09_4386.qxd 2/10/05 10:17 AM Page 146

For those areas that don’t seem to be included in the SOX best prac-tices, consider how one of these four options might be useful indealing with the risk:

1. Avoidance. This option means discontinuing the activity or prac-tice (not usually a practical option). For a nonprofit, this optionwould mean discontinuing a program or activity that appears tobe presenting an unacceptably high level of risk. Usually, thisoption isn’t necessary or desirable.

2. Retention. This option means that a nonprofit can either establisha restricted fund that would be used to address losses from therisk or significantly raise the deductible on an insurance policythat addresses the risk (such as automobile policies).

3. Modification. This method considers how the features of a riskcan be changed to reduce the risk’s potential for frequency orseverity. This option is the way most risks are generally treated.The nonprofit considers ways in which the potential for damagefrom a risk can be reduced by implementing new procedures,protocols, or better training.

4. Transfer. This option is the means by which the financial aspectsof the risk are transferred. There are a number of ways in whichthis is done, the most common method being the purchase ofinsurance. Although this option is generally combined withmodification, it is by no means an end in itself. Insurance pre-miums can be raised significantly by claims, and sometimes, ifthe number of claims is high, coverage will be cancelled, or nolonger available. Insurance does not cover other significant ex-penses such as the court awarding punitive damages for egre-gious behavior. If a nonprofit receives this type of judgment, itis not covered by insurance.

3. Risk administration and monitoring. This step begins as soon as deci-sions are made on how to treat the current list of risk areas. Some-times, the treatment applied to a risk area doesn’t work, or doesn’twork as well as was planned. That’s to be expected. What’s impor-tant is that the risk management decisions are being reviewed and,if necessary, modified to determine a better outcome. This step is


ch09_4386.qxd 2/10/05 10:17 AM Page 147

also a very important part in keeping the process alive. New prac-tices and protocols need to be monitored, and new risk areas thatemerge need to be presented in the next round of risk assessment.

Designing a Risk Management Program The first step in designing arisk management program is prioritizing the risks. Consider which of therisks that you have identified are the most important—or hazardous—toyour nonprofit. How many of these risk areas would you be able to realis-tically address in the next three months? Six months? One year? That’show you should begin to prioritize the risks. The ones that need immedi-ate attention go into the three months’ category, and so on.

The risk management program is an interactive document that is con-sulted regularly, modified, and reviewed at specific time intervals. Theprogram should be stored electronically or housed in a loose-leaf binderthat does not gather dust. Everyone on the board and on the nonprofit’sstaff, including volunteers, should have a copy of the program, and every-one should understand what they are responsible for monitoring in theprogram.

Developing the Risk Management Plan The following is a table ofcontents for the risk management plan. The items listed in the table of con-tents are contained in an electronic file or large loose-leaf binder. (See Ap-pendix J for additional information on each item.) It is important that theplan is reviewed at least twice a year, and that the nonprofit take steps toensure that risk assessment, risk management implementation, and risk ad-ministration and monitoring take place on a regular basis.

Risk Management PlanTable of Contents

Risk Assessment Report for the FY or Calendar year 20XXNonprofit ProfilePlan of action to address the risk assessment reportFirst-priority risksResources needed to address these risksTechniques for each riskResponsibilities and timelinesDesired outcomes/ measurements of success


ch09_4386.qxd 2/10/05 10:17 AM Page 148

Documentation of prior claims, occurrencesSecond-priority risksResources needed to address these risksTechniques for each riskResponsibilities and timelinesDesired outcomes/measurements of successDocumentation of prior claims, occurrences

Other sections of a risk management program include

• Important documents (e.g., insurance policies—declaration sheetonly)

• Phone numbers of insurance professional, attorney, board of directors,other key staff, and volunteers

• Risks to be considered for next fiscal year or calendar year

Using SOX Best Practices to Facilitate the Design of aBusiness Continuity Plan

When the topic of business continuity or contingency planning is raised,many people think of scenarios such as hurricanes, floods, earthquakes, andthe like. The reality is that the operations at your nonprofit can be inter-rupted by a key person leaving, becoming ill, or dying. A fire in an ad-joining office could be the reason why your building is red tagged (i.e.,declared off limits by local authorities). The smoke and water damage fromthat fire could destroy your offices. Even a sudden loss of electricity or theintroduction of a virus transmitted through the Internet could destroy yournonprofit’s databases and electronic files.

What Are the Sources of Business Interruptions? Events that createinterruptions in the normal flow of operations at your nonprofit can comefrom any number of sources. Events related to nature, such as earthquakes,are very difficult to predict. Other natural phenomena such as hurricanes,tornadoes, and even floods may be able to be predicted, albeit in a shorttimeframe.

Interruption of operations can also come from civil sources, such asriots, police action, or large-scale demonstrations. Nonprofits located inurban areas can be affected if there is a severe traffic jam or street closure


ch09_4386.qxd 2/10/05 10:17 AM Page 149

due to an accident, or infrastructure event such as the rupture of a seweror gas main.

Some of the most disruptive and long-lasting interruptions come underthe heading of “person-made,” such as hackers, or computer virus orworm infestation. Virus and worm infestation has the potential for doingirreparable damage to databases and hard drives.

Sadly, workplace violence, including bomb threats, has become a morecommon source of interruption. The source of this violence could be aspillover of domestic violence, or from a disgruntled worker or client. Theresult of this type of interruption can be devastating for the nonprofit.

The nonprofit can experience a need to redirect its resources in thewake of a loss of a major client(s) or a contract. Many nonprofits do notnecessarily recognize that this type of an event is a business interruption,but it is. The loss of a significant income stream and/or the potential to se-cure the renewal of a major contract can signal the need to curtail impor-tant programs and/or a loss of reputation in the community.

An interruption in operations can also be the result of the loss of essen-tial members of staff or the executive team. The interruption wouldbecome particularly acute if the individual(s) possessed knowledge, net-working connections, or institutional history that was either not docu-mented or shared with individuals in the nonprofit.

What Is a Business Continuity Plan? Business continuity planning(BCP) is the means by which a nonprofit can design strategies to resumeessential business operations immediately following a business interrup-tion, and take steps in advance of any interruption to establish backup sys-tems to preserve the nonprofit’s assets, files, records, and other essentialcomponents of its operations. The implementation of SOX requirementsand best practices and any state laws that would apply to your nonprofit canbe easily leveraged to facilitate the design of an effective BCP. By virtue ofyour having taken these steps, your nonprofit can easily incorporate theminto the elements of a BCP. Appendix K presents a sample business conti-nuity plan.

Having an effective plan allows your nonprofit to share the plan, andyour best practices, with your insurance professional. The insurance indus-try is calling for proof of contingency planning from commercial clients,which includes nonprofit organizations. Having a BCP illustrates that the


ch09_4386.qxd 2/10/05 10:17 AM Page 150

nonprofit intends to remain a viable entity, ready to serve regardless ofwhat happens. The plan could also serve to position your nonprofit morefavorably to negotiate rates for business interruption and extra expensecoverage. Your insurance professional can advise you on these matters.

A BCP is a means by which a nonprofit has a strategy that it can imple-ment immediately following an interruption. The rollout of the plan is es-sential to maintaining the confidence and trust of donors, suppliers, staff,and other stakeholders. The provisions of the plan will help your nonprofitremain in compliance with federal and state regulations regarding docu-ment preservation, submission of required materials such as an IRS Form990, and other requirements.

Developing a BCP that is available for immediate implementation is an-other demonstration of your nonprofit’s commitment to accountability.This planning, as well as your risk management planning, can be listed inthe section of the IRS Form 990 that reports on organizational progress.

The BCP will facilitate the resumption of services to clients, will enablestaff to keep their jobs, and will facilitate the intake of emergency dona-tions. We live in a very generous society. In the event of an interruption,the sooner your nonprofit can communicate what happened, and thatemergency donations would be helpful, you will also need to have the in-frastructure in place to accept and acknowledge these donations. The planwill also enable your nonprofit to provide support to clients, staff, and vol-unteers who may be experiencing the impact of the disaster.

Designing the Plan Like any important operational planning, businesscontinuity planning must have visible commitment by the board and sen-ior management. These individuals need to clearly endorse the need for theplan and articulate the expectation that the plan will be completed in aspecified time frame. Those individuals assigned to lead the project thenneed to introduce BCP concepts to staff and managers. The process will bestreamlined by the creation of a cross-functional team. The team needs tobe privy to all of the SOX best practices that have been put in place at yournonprofit.

The BCP planning team’s agenda needs to include the following:

• Identify possible business interruptions. This exercise should briefly con-sider both likely and unlikely interruptions. However, the “deliver-able” from this brief exercise should be an overview of the reasonably


ch09_4386.qxd 2/10/05 10:17 AM Page 151

possible interruptions in terms of severity. Don’t spend a lot of timeon this discussion. There are a myriad of sources of interruptions.

• Determine crucial functions. In order to establish strategies for businessresumption, it is important to determine what operational activitiesand functions are essential for your nonprofit. Who performs theseactivities and functions? Are there written protocols and proceduresfor these activities and functions? What would happen if the personwho usually does an essential function were not available? Whowould take that person’s place?

Some examples of essential functions include:

• Administration, human resources, and payroll. These three areas addressimportant organizational infrastructure. In the event of a natural dis-aster, many people find that they no longer have jobs. Your nonprofitneeds to establish strategies to ensure that your employees know thatthey will have jobs, and that they have obligations to the nonprofitsuch as working shifts or working in a different functional area.

• Finance. The function of finance includes procedures related to thenonprofit’s general operating funds, the nonprofit’s insurance cover-age, claims procedures, and loss documentation. Additionally, yournonprofit will need to consider how to use credit sources for businessresumption. Check writing and monitoring, and fund transfers andwiring are means by which expenses related to mitigation steps can befinanced. Security procedures related to confidential transactions andother codes need to be in place.

• Client services. The BCP needs to include a clear description of themenu of services provided to your nonprofit’s clients. In the event ofan interruption, the list of services might have to be revised to includeonly the priority services.

• IT. Information technology is essential to resuming operations fol-lowing an interruption. The sooner your nonprofit can access itse-mail, electronic files, and electronic databases, the faster you will beback in full operation.

• Development and fundraising. This department or function is taskedwith identifying the resources that the nonprofit needs for its opera-tion. In the event of a business interruption, this department would be


ch09_4386.qxd 2/10/05 10:17 AM Page 152

tasked with accepting and acknowledging emergency donations. Asthese emergency donations are received, there would need to berecognition that the gift is either unrestricted or restricted. A systemwould need to be in place to ensure that in the event of an interrup-tion, emergency donations would be handled correctly and in keep-ing with any new state legislation.

• Typical plan protocols. The next step would be setting up procedures todeal with the immediate emergency, and then the procedures for re-suming operations. For example, a procedure to deal with an imme-diate emergency would include the evacuation of staff, clients, andvisitors. The BCP should have a section that describes evacuationprocedures, emergency exits, and the like.

• Communication with stakeholders such as board, staff, volunteers,clients, and donors will be important to provide necessary infor-mation and to appeal for assistance.

• Public relations and media contact will be important in providinginformation about the emergency to the community, and how thepublic can help.

• Alternative work and service delivery sites, including staff status,availability, and notification, are all-important aspects of the plan.

• Things to consider. Because your nonprofit has incorporated SOX bestpractices, the composition of the BCP is easier and faster. Here aresome sample elements of the BCP that are facilitated by incorporat-ing SOX best practices:

• Financial procedures and methods for storing and archiving financial docu-ments. Because your nonprofit has adopted SOX best practices,there are procedures already in place for document storage andbackup. Financial procedures are in place and internal controlshave been strengthened.

• Board procedures and expectations. By adopting SOX best practices,your board has a better understanding of its role in the nonprofit’soperation and what its role would be to ensure that operationswere resumed in the event of an emergency.

• Staff and senior management roles and expectations. These roles andexpectations are clarified through SOX best practices.


ch09_4386.qxd 2/10/05 10:17 AM Page 153

• Fundraising protocols and procedures. A combination of SOX bestpractices, particularly in auditing and preparation of IRS Form990, sets the stage for strengthening fundraising protocols and pro-cedures. In the event of an interruption in operations, the devel-opment function would need to ensure that emergency donationswere received, recorded, and acknowledged properly.

• Document retention system includes remote access to data files. The SOXlegislation requires that your nonprofit establish document reten-tion policies and procedures.

• Identification of resource needs for business resumption and where these re-sources can be obtained quickly. As your nonprofit adopts the SOXbest practices, particularly as these relate to the annual audit, theorganization will need to review its current vendor and serviceprovider list to ensure that all contracts and arrangements are inorder.

• Keeping the plan alive. Like the risk management plan, the BCP needsto be reviewed and revised to keep it viable. With any contingencyplan, it is advisable to stage a crisis “simulation” to determine how fastthe staff can exit the building, or how well a phone tree works. Aswith any new plan, it is essential to offer training to the board, staff,and volunteers.

Conclusion

The recommendations in this chapter are but a few of the ways in whichyour nonprofit can benefit from the adaptation of SOX best practices. Themost important gain that your nonprofit can experience is the movementto a new level of performance and accountability. Regardless of the size ofyour nonprofit, your team can hold its head high!

Endnotes1. “Nonprofit advisory group in crisis,” San Francisco Chronicle (January 22, 2004).2. “SF Nonprofit to shut down,” San Francisco Chronicle (May 19, 2004).


ch09_4386.qxd 2/10/05 10:17 AM Page 154

155

SOX Best Practices forSmall Nonprofits

Susan is a member of a tiny nonprofit board. Her nonprofit providesdance education to people of all ages—very young to middle age and be-yond. It’s a grassroots organization committed to introducing the joys ofdance to young and old alike. She worries that the expectations of the pub-lic sector and the nonprofit world will serve to wipe out the dance center.In her community, no other nonprofits provide this type of service to sucha wide-ranging clientele. At a recent seminar, the speaker informed Susanthat an audit would cost her nonprofit approximately five thousand dollars.He might just as well have said a million dollars.

Although Bob is 3000 miles away, he finds himself in a situation similarto Susan’s. His nonprofit is only a few years old. Already, the young peo-ple whom his nonprofit serves have won awards for excellence in theirartistry. Yet the nascent infrastructure of his nonprofit needs to quicklycatch up with the needs of its clients, and the growth potential that theirtalent offers. Both Bob and Susan need a way to incorporate the SOX bestpractices on a scale that fits their nonprofits.

Five Myths That Hold SmallNonprofits Back

1. We’re poor, grassroots, small, not part of the establishment, out in theboonies [or other reasons, just fill in the blank]. The litany of woes goes

Chapter 10

ch10_4386.qxd 2/10/05 10:17 AM Page 155

on forever. The reality is that in the eyes of the law, your nonprofitis accountable for its operations and outcomes.

2. No one would investigate us, sue us, or [fill in the action]. The truth of thematter is that the United States Senate Finance Committee is con-sidering scores of regulations that would require nonprofits to com-ply with new laws and regulations. For example, one proposal wasfor all nonprofits to have their 501(c )(3) designations reviewedevery five years by the IRS.

3. We’re not Enron. We don’t have time to worry about laws. Our staffand board suffer so much and are so underappreciated that we barelycan get through another year. The truth is that we have now en-tered the twenty-first century. You do have to comply with federaland state laws—all of them. If you and your staff/board really feelthat way, you need to consider closing your nonprofit, or find afresh and energetic staff or board.

4. SOX best practices are expensive and time consuming. There are manyways in which a small nonprofit can incorporate SOX best practicesinto its operations. Most of these best practices take the form of poli-cies and procedures. The Appendices contain samples for a range ofpolicies and documents. The most important and powerful changethat a small nonprofit would have to make is in its collective mind-set. Establishing a schedule or sequence of deliverables is essential inhelping a nonprofit stay on track.

5. If we insist on board member productivity, no one will join the board. Ifyour nonprofit is having difficulty recruiting board members be-cause you demand performance, you are recruiting the wrong typeof people. Effective board members are not afraid of work, nor arethey looking for the path of least resistance. By the way, they’ll askyou if your nonprofit has Directors and Officers insurance, and theywon’t join your board unless you secure this insurance.

Actively embracing a mindset that recognizes the nonprofit as a le-gitimate business entity is healthy for all concerned. The nonprofitmay be small in size, but can be as large in spirit as any large nonprofit.The time has come for all nonprofits to understand that the publicsector and the public at large expect accountability and responsiblemanagement. The days of the “Mom and Pop” nonprofit are over!

156 chapter 10 sox best practices for small nonprofits

ch10_4386.qxd 2/10/05 10:17 AM Page 156

The level of cranky discourse that is heard from nonprofit associa-tions whenever legislation is recommended or passed that requiresgreater nonprofit accountability is indicative of how much the non-profit world needs to mature. These associations would better servetheir constituents if they encouraged a productive response and pro-vided tools for facilitating compliance.

Adopting SOX Best Practices

Your nonprofit won’t always be small—and it’s easier to build strong bonesin the early days of the organization. The adaptation of SOX best practicesserves to illustrate the nonprofit’s commitment to maintaining public trustand serving its mission. Further, having these policies and procedures inplace illustrates to current and potential donors that the nonprofit’s boardand management are committed to the organization as a going concern.

SOX best practices will help your board and senior management togrow your nonprofit into a larger organization. Demonstrating that yournonprofit is willing to be accountable will facilitate attracting the resourcesthat your organization needs. The providers of these resources need to beconfident that your nonprofit is a good investment of their funds, or time,or in-kind donation.

All nonprofits, even small ones, have an obligation to their donors,clients, and their community at large to safeguard the nonprofit’s assets andmake decisions that will support the organization’s mission. Board devel-opment and training in financial literacy are wise investments of time andenergy—and money if necessary.

Scaling the SOX Best Practices toFit the Needs of Small Nonprofits

Consider the ways in which each recommendation can be scaled to suit theneeds of the small nonprofit.

• Whistleblower protection policy. A whistleblower protection policy is oneof two SOX requirements that apply to all organizations—right now.Chapter 5 discussed this policy, and Appendix B has a sample ofthe “talking points” that need to be in a whistleblower protectionpolicy. This policy is not size sensitive. Once the policy is in place and

scaling the sox best practices to fit small nonprofits 157

ch10_4386.qxd 2/10/05 10:17 AM Page 157

approved by the board, everyone in the organization must be advisedthat it exists and what the procedure is for filing a report or grievancerelated to waste, fraud, and abuse.

• Document retention and storage protocols that include a prohibition of de-stroying documents to be used in an investigation. A document retentionprogram is the second Sarbanes-Oxley requirement that applies to allorganizations. This policy is, again, not necessarily size sensitive. Theprocess for the implementation of this policy was discussed in Chap-ter 5, and Appendix C contains a sample policy plan and instructionsfor creating a document retention program. The key for documentretention in a small nonprofit is to keep the process simple. The plancan be enlarged as the nonprofit grows. The process should be ini-tially streamlined to focus on financial documents, legal documents,and HR documents. Training for staff and volunteers needs to be verysimple and user-friendly. People will ignore complicated processes,and you can hardly blame them for doing that. People simply havetoo much to do.

Smaller organizations might consider establishing a streamlined se-quence for activities that relate to document retention, such as:

1. Draft a brief policy with simple language that is easily understoodthat prohibits the destruction of documents while the nonprofitis part of an investigation or other crisis scenarios. The policyneed not be lengthy, just a statement that in the event of an in-vestigation or crisis, there will be a general order circulated thatprohibits the destruction of any documents. Failure to complycan result in termination. Important! It is essential that yournonprofit be prepared to execute the consequences that it statesin a policy like this. If your nonprofit is not prepared to termi-nate someone for violation of this policy, don’t include lan-guage to that effect.

2. Compile a list of all of the types of documents that need to bestored and archived. It is particularly important to store thosedocuments that provide proof that something was done, nego-tiated, a contract was written for [X], or other documents thatsupport actions. Legal documents, personnel files, board files,and volunteer files are important to store and archive.


ch10_4386.qxd 2/10/05 10:17 AM Page 158

3. Develop an equally user-friendly process for retrieving docu-ments. That means the storage protocols need to be very simple.The reason why documents need to be easily retrieved is that ifa regulatory agency like the IRS does an audit of your nonprofitand asks for Document X —they want it now.

4. Do a test-run of the protocols. Do they work? Can they be sim-pler and easier to understand?

If steps 1 through 4 mean that you have to clean up your non-profit’s files, consider this a gift. Your nonprofit will function betterwhen it is easy to store and retrieve documents.

• Audit committee. For many nonprofits, the cost of an audit is prohibi-tive. For example, if the nonprofit’s budget is below $2 million, anaudit may be too expensive. However, it is essential that the non-profit’s financial statements and procedures are evaluated to determinethat the nonprofit is in good financial health. Your nonprofit’s financecommittee can become a “finance/audit committee” to make certainthat the nonprofit’s financial statements and processes are evaluated. Ifpossible, recruit one or two individuals who are not on the board—and not going to join the board—to do a short financial evaluationproject. How can this be done?

Here are some suggestions:

• Find an intern from a local university. The members of the financialevaluation team can work with the intern to generate a review ofthe nonprofit’s books and internal controls. Many graduate tax orfinance programs offer internship opportunities for students whowould like to become auditors. This is a potential win-win. Yournonprofit receives cutting-edge services (the intern is usually su-pervised by a professor who is a CPA), and the graduate studentcan list this internship on his or her résumé. Your nonprofit, as theprovider of a professional opportunity for a graduate student, can af-ford to be choosy. When inquiring about an intern, insist that theintern be an excellent student (with a GPA of at least 3.5) and in-sist on proof of the student’s academic excellence, whether that isin the form of a transcript or a recommendation from the student’sdean. Before the student is placed, review the internship contractwith the university. Insist that you be provided with contact


ch10_4386.qxd 2/10/05 10:17 AM Page 159

information for the professor who is supervising the internship.The financial evaluation team from the finance/audit committee,the professor, and the student can tailor this internship to meetyour nonprofit’s needs.

• Contact the local chapter of the CPA society. Professionals such asCPAs and attorneys often are required to provide pro bono servicesto the community.

• Request assistance from a local nonprofit clearinghouse. Nonprofit clear-inghouses can often put smaller nonprofits in contact with serviceproviders.

• Financial literacy training for board and senior management. Graduate stu-dents can also provide this type of training. The training can be doneindependently, or can be part of an internship, particularly if thegraduate student is interested in a teaching career. A phone call tothe placement office or internship office at your local college or uni-versity can connect you with individuals who could provide theseservices.

Another method of obtaining services for this type of training is toask your banker to do a presentation or contact a nonprofit clearing-house. Again, keeping the training simple and user-friendly is essen-tial. The handouts should not be complex, and board members shouldbe able to use these materials as resources.

• Conflict of interest policy. A conflict of interest policy is not size-sensitive. Having a conflict of interest policy serves the dual purposeof educating the board on its legal obligation of loyalty and on whatconstitutes a conflict of interest. Some board members are very re-luctant to be forthcoming about real or potential conflicts of interestfor fear that they will be dismissed from the board. That doesn’thave to happen. A board member can disclose a conflict of interestand continue to be a productive and useful member of the board.Educating the board is essential, and having a plan to judiciously dealwith any disclosed conflicts of interest will help to encourage moretransparency.

This policy and set of procedures are easily drafted for nonprofitsof any size. There is a sample conflict of interest policy and letter inAppendix E. Consider preparing a policy and set of procedures that


ch10_4386.qxd 2/10/05 10:17 AM Page 160

deal with the major areas of concern. For example, it is essential thatall board and senior management sign a letter disclosing any real orpotential conflicts of interest. If the board members or staff membershave no conflicts of interest, then it is also important to signify this onthe letter. The letters need to be kept on file and archived (see Chap-ter 5). The conflict of interest policy itself needs to be distributed, andeach board member and senior staff member needs to initial or sign aform (which could be one form that captures all of the initials or sig-natures) stating that they have received a copy of the policy.

More importantly, everyone on the board and senior staff need tounderstand that disclosure is the expected norm, and failing to disclosea real or potential conflict of interest is grounds for dismissal. Theboard can institute simple procedures for excusing a board member orsenior staff member when the discussion addresses an area in whichthe individual indicated that he or she has a conflict of interest. Theprocedures need not be onerous or complicated, just standardized soeveryone is treated alike.

• Code of ethics for board and senior management. This policy describes thetypes of behavioral expectations that relate to the roles of board mem-bers and members of senior management. One provision that is par-ticularly significant is the prohibition against any type of loan orfinancial gift by the nonprofit to a board member or member of thestaff at any level. Nonprofits of all sizes should have a code of ethics.It need not be lengthy or complex. A sample code of ethics is in Ap-pendix F.

• Board policies and procedures. This document outlines the size of theboard, and the various roles and duties of the board, including the dis-tinction between governance roles and management roles within thenonprofit. The document also includes a summary of board commit-tees’ descriptions and performance objectives and the board’s self-evaluation process.

An important part of the discussion needs to include an outline ofthe sequence of the director nomination and election process, a dis-cussion explaining director independence, and an outline of directororientation curriculum and a continuing education agenda. Samplesof all of these documents can be found in Appendices G and H.


ch10_4386.qxd 2/10/05 10:17 AM Page 161

Keys to Success in CustomizingSOX Best Practices

There’s no reason why small nonprofits should not be able to adopt all ofthe SOX best practices. Perhaps the most important aspect of embarkingon this endeavor is to understand that any best practice can be customizedto address the nonprofit’s size, scope, and operations. It can be done, andthere are people in your community who are willing to help—universities,professional organizations, and nonprofit clearinghouses. You simply haveto ask for assistance.

• Develop an organizational resolve to strengthen your nonprofit’s in-frastructure. Consider the ways in which best practices can be tailoredto fit your nonprofit . . . Your nonprofit is only small in size (at thepresent moment), but can have a spirit, drive, and commitment equalto any large nonprofit.

• Bring on at least one new board member this year. Target your re-cruitment to members who bring a needed skill set, such as finance,to the board. It is important, however, to have your legal counsel andinsurance professional be independent of the board.

• Use board meetings, board retreats, and staff meetings to present in-formation on SOX best practices, the legislative environment, and, ifapplicable, any state laws on nonprofit accountability. The more theboard, management, and staff understand about accountability expec-tations, the more they will understand how important it is to invest inadopting SOX best practices.

• Review the suggestions in this book and consider how each bestpractice would look in your nonprofit. The samples in the Appen-dices are designed to help you walk through the policies and docu-ments to determine how these can fit your nonprofit’s needs. Someof the best practices are not size-sensitive. For example, the con-flict of interest policy and the code of ethics are necessary in non-profits of all sizes. Have your nonprofit’s legal counsel assist youwith the language. If your nonprofit doesn’t currently have legalcounsel, now is the time to obtain assistance. If your nonprofit re-quires pro bono assistance, contact your state or local bar association.


ch10_4386.qxd 2/10/05 10:17 AM Page 162

Attorneys are expected to do a certain amount of pro bono work.You might also want to contact your local or regional nonprofitclearinghouse for assistance.

Conclusion

Small nonprofits are in many ways the future of the entire nonprofit sec-tor. Grassroots organizations have been a part of American society sincecolonial days, and are a unique aspect of American life. In today’s increas-ingly regulatory environment, nonprofits can also lead the way in promot-ing accountability and transparency.

conclusion 163

ch10_4386.qxd 2/10/05 10:17 AM Page 163

ch10_4386.qxd 2/10/05 10:17 AM Page 164

Best Practices: Checklists,Worksheets, andSample Documents

Appendices

165

These appendices are intended to show you how to get started in de-veloping the policies, procedures, and documents that your nonprofit willneed to implement SOX best practices. These sections have been de-signed in a walk-through format: talking points, design pointers, and othercomponents.

Discla imer

Important! The language is not intended as legal advice and the talk-ing points are not legal recommendations. You need to consult withyour legal advisor to ensure that the language and design are appro-priate to the needs of your nonprofit.

The walk-through can be facilitated by the use of checklists and work-sheets provided in the appendices as well as sample documents. These ma-terials correspond to one or more chapters in the book.

As you use the materials in these appendices, remember that in theinitial adaptation of SOX best practices, less is more and simplicity is veryimportant. The policies and procedures need to be user-friendly. The intent

ch11_app_4386.qxd 2/10/05 10:18 AM Page 165

of the appendices is to help you design materials whose content is neces-sary and sufficient. Too many rules and too many procedures will blockimplementation. It is important to actively manage the adaptation of thesebest practices. Failing to have serious consequences for failure to complywill dilute effectiveness as well. Remember that the SOX best practiceswill serve to change your nonprofit’s organizational culture. Culture doesn’tchange without a visible, palpable change in what behaviors are reinforcedand what behaviors are extinguished.

166 appendices best practices

ch11_app_4386.qxd 2/10/05 10:18 AM Page 166

167

Working Through the FourBasic Financial Statements

Before working with the materials in this section of the Appendix, youshould be sure to have a fairly good understanding of the materials pre-sented in Chapter 3, which discusses the financial statements. This sectionof the Appendix contains samples of the balance sheet, the statement of op-erations, the statement of changes in net assets, and the statement of cashflows. Each of the four statements is explained in detailed.

Balance Sheet

Exhibit A.1 is a sample balance sheet for a nonprofit agency. As discussedin Chapter 3, the balance sheet is a snapshot of the organization at a givenpoint in time. As you can see in Exhibit A.1, the balance sheet contains alisting of the current and non-current assets, the current and non-currentliabilities, and the net assets. The statement is called the “balance” sheet be-cause it shows the balance between the total assets and the liabilities plusthe net assets. According to the basic accounting equation

Assets = Liabilities + Net assets

The balance sheet reflects that equation and is typically presented in twocolumns, with the assets displayed on the left-hand side and the liabilitiesand net assets displayed on the right-hand side.

Appendix A

ch12_appa_4386.qxd 2/10/05 10:18 AM Page 167

It should be noted that not all balance sheets contain the same accountsas the provided sample. Some nonprofits may subdivide their accounts intovery specific accounts, which would increase the number of accounts pre-sented in the balance sheet. For example, in the sample balance sheet, oneof the current assets is “short-term investments.” This account contains allof the investments that have a “life” between 3 and 12 months. Some or-ganizations may choose to subdivide the short-term investments accountinto several accounts, such as certificates of deposit, notes, and treasurybills. How an organization chooses to set up its accounts is dependentupon the amount of specificity the organization desires. Conversely, some

168 appendix a the four basic financial statements

sample balance sheet for the Exh ib i t A . 1per iod end ing december 31, 20X1

ASSETS LIABILITIES

Current Assets Current LiabilitiesCash and Cash Equivalents 4,258 Long-Term Debt, Current 1,470Short-Term Investments 9,136 Accounts Payable 2,817Net Accounts Receivable 15,020 Wages and Salaries Payable 3,001Supplies 1,997 Supplies Payable 2,143Prepaid Expenses 670 Utilities Payable 1,969Other 783

Total Current Assets 31,864 Total Current Liabilities 11,400

Non-Current Assets Non-Current AssetsNet Property and Equipment 49,358Long-Term Investments 16,979 Long-Term Debt, Net 20,100Assets Limited as to Use 10,470 Other 6,997Other 6,375

Total Non-Current Assets 83,182 Total Non-Current Assets 27,097

TOTAL ASSETS 115,046 TOTAL LIABILITIES 38,497

NET ASSETS

Unrestricted 67,720Temporarily Restricted 3,216Permanently Restricted 5,613

TOTAL NET ASSETS 76,549TOTAL LIABILITIESAND NET ASSETS 115,046


nonprofits may choose to collapse many of the accounts into single ac-counts. There is a fine line between having too many subdivisions and nothaving enough. The rule of thumb is to have enough subdivisions to givemeaning to the balance sheet and that complies with how the stakeholdersof the nonprofit want to see the financial information presented.

Assets

In Exhibit A.1, the total assets (current assets plus non-current assets) equal$115,046. The current assets, which total $31,864, consist of items that arevery liquid and could be converted within one year’s time into cash. Ofthese current assets, cash and cash equivalents are, of course, the most liq-uid, as they either are already in a cash form or can be converted to cash inthree months or less. The non-current assets, which total $83,182, consistof assets that have a life longer than one year. This type of asset cannot bequickly converted into cash. Each of the current and non-current assets isdefined here.

Current Assets The current assets shown in the sample balance sheetinclude:

• Cash and cash equivalents

• Short-term investments

• Net accounts receivable

• Supplies

• Prepaid expenses

• Other

The cash and cash equivalents account, which totals $4,258, contains allof the cash owned by the organization and any assets that can be convertedto cash within three months. Examples of the items in this account wouldinclude bank accounts, treasury bills with a maturity of 13 weeks, moneymarket mutual funds, banker acceptances, negotiable certificates of de-posits (CDs) with maturities less than three months, and other very short-term marketable securities.

The short-term investments account, which totals $9,136, contains theassets owned by the organization that could be converted to cash in a

balance sheet 169


relatively short time period, between 3 and 12 months. Examples of short-term investments include negotiable CDs and bonds with maturities be-tween three months and one year, commercial paper, and other marketablesecurities the organization plans to hold for a relatively short time period.

Net accounts receivable, which totals $15,020, reflects the money thatis owed to the nonprofit by its clients. Many nonprofits have arrangementswith their clients that allow them to purchase the product or service oncredit. After the product or service is delivered, the organization issues aninvoice, or bill, for any clients who have been extended credit. Net ac-counts receivable consists of the value of all of the invoices for goods andservices that the organization has issued, subtracting out any amounts thatthe organization believes will never be paid. Once the bad debt has beensubtracted from accounts receivable, what remains is referred to as the “netaccounts receivable.” Accounts receivable is considered a current asset be-cause the organization expects that it will “turn over” its accounts receiv-able within a short period of time, typically 90 days or less. Turning overaccounts receivable quickly is an important aspect of cash management, asthe quicker the invoices are converted to cash, the quicker the organizationcollects its receivables. The sooner the invoices are paid, the sooner an or-ganization can put the cash to work. In addition, if the receivables areturned quickly, there is a smaller risk of having delinquent or nonpayingclients.

The supplies account, which totals $1,997, is the value of all the suppliesthe organization has on hand. Examples of supplies would include officesupplies and supplies used in the production of goods or services, such asany raw materials.

The prepaid expenses account, which totals $670, reflects the value ofexpenses that have been paid in advance. For example, an organizationmay choose to pay in advance for three months of rent. By paying the rentexpense in advance, the organization “owns” the right to the use of the of-fice space for three months. This ownership is an asset to the organization.Other expenses that are frequently paid in advance are insurance, interest,taxes, salaries, utility bills, or the interest on debt.

The Other account, which totals $783, reflects the value of the rest ofthe current assets owned by the organization. This is a “catch all” accountwhere miscellaneous current assets can be placed. If a significant amount ofthe current assets is in the Other account, the organization may not be sub-

170 appendix a best practices


dividing the current assets as much as it should. Having most of the currentassets considered “miscellaneous” does not accurately reflect the organiza-tion’s assets.

Non-current Assets The non-current assets shown in the balance sheet are:

• Net property and equipment

• Long-term investments

• Assets limited as to use

• Other

The net property and equipment account, which totals $49,358, reflectsthe value of property and equipment owned by the organization, minusany accumulated depreciation. Accumulated depreciation is the totalamount of depreciation that has been taken on a tangible asset since it wasput into use. Depreciation is a measure of how much of a tangible asset hasbeen “used up” or consumed during an accounting period. When an or-ganization acquires an asset that has a long life, a depreciation schedule forthat asset is established. Moving forward, the depreciation on each asset isaccumulated, and the accumulated depreciation is subtracted from theoriginal value of the asset. The word net in this account signifies that the ac-cumulated depreciation has been subtracted.

The long-term investments account, which totals $156,979, reflects thevalue of investments owned by the organization with a life greater than oneyear. Examples of long-term investments include real estate, stocks of pub-licly held companies, and bonds issued by private or nonprofit organizations.

The assets limited to use account, which totals $10,470, reflects thevalue of non-current assets whose use has been limited by the organization.For example, the nonprofit may have issued a bond and the bond’s contractterms state that the nonprofit must set aside funds that can only be used tofulfill the bond obligation. This also occurs if the organization has seg-mented some of its assets for specific uses, and does not include the valueof those assets in the general assets.

The Other account, which totals $6,375, reflects the value of the rest ofthe non-current assets owned by the organization. This is a “catch all” ac-count where miscellaneous non-current assets can be placed. If a significantamount of the non-current assets is in the other account, the organization

balance sheet 171


may not be subdividing the non-current assets as much as it should. Hav-ing many of the non-current assets considered “miscellaneous” does notaccurately reflect the organization’s assets.

Liabilities and Net Assets

As they should, the total of the liabilities and the net assets equals the totalof the assets, $115,046. If they did not, the balance sheet is not in balanceand someone has made some type of error. The liabilities, which total$38,497, consist of current liabilities and non-current liabilities. The net as-sets, which total $76,549, consist of the unrestricted net assets, the tem-porarily restricted net assets, and the permanently restricted assets. Each ofthe current and non-current liabilities and the net assets is defined here.

Current Liabilities The current liabilities shown in the balance sheet are:

• Long-term debt, current

• Accounts payable

• Wages and salaries payable

• Supplies payable

• Utilities payable

The long-term debt, current account, which totals $1,470, is a littleconfusing. Why is an item that is called “long-term” included in the cur-rent liabilities? This account reflects the amount of long-term debt thatmust be paid within a year. Any amount of debt or loan principal that theorganization is going to pay off within the next 12 months is shown as acurrent liability. The portion of long-term debt that will be paid off be-yond the next 12 months will be recorded as a non-current liability.

The accounts payable account, which totals $2,817, is the amount owedby the nonprofit to vendors for purchases on credit. Typically, the vendorsexpect to receive payment within 90 days, which makes the account a cur-rent liability. Accounts payable can be viewed as the opposite of net ac-counts receivable, in that it is the amount the organization owes, and netaccounts receivable is the amount that is owed to the organization.

The wages and salaries payable account, which totals $3,001, is theamount that the nonprofit owes to its employees for the labor they pro-



vided. As with the accounts payable account, the wages and salaries payableaccount is the opposite of net accounts receivable, in that it is the amountthat the organization must pay, and net accounts receivable is the amountthe organization expects to be paid.

The rest of the payable accounts, supplies payable ($2,143) and utilitiespayable ($1,969), are analogous to accounts payable, and wages and salariespayable, in that these accounts contain the amount that the nonprofit owesto different entities. Supplies payable is the amount owed to supply ven-dors, and utilities payable is the amount owed to utility companies. As withthe case of accounts payable, and wages and salaries payable, the organiza-tion is expected to pay what it owes within a relatively short period oftime, typically within 90 days.

You may wonder why current liabilities do not have an “other” accountsimilar to the “other” accounts for the current and non-current assets. Ingeneral, it is not necessary to have a current liabilities account since ac-counts payable can be used for that purpose.

Non-current Liabilities The non-current liabilities shown in the bal-ance sheet are:

• Long-term debt, net

• Other

As mentioned in the definition of the “long-term debt, current” account,the portion of long-term debt that will be paid off beyond the next 12months is recorded as a non-current liability. Long-term debt, net is theamount of debt that will not be paid off within the next 12 months andfrom which the long-term debt, current portion has been subtracted. Inaddition, any payments that have been made toward the long-term debthave also been subtracted. The word net is the portion that remains to bepaid on a long-term basis. The value of this account in the sample balancesheet is $20,100.

The Other account, which totals $6,997, reflects the value of the restof the non-current liabilities owed by the organization. This is a “catchall” account where miscellaneous non-current liabilities can be placed. Ifa significant amount of the non-current assets is in the Other account, theorganization may not be subdividing its non-current liabilities as much asit should.

balance sheet 173


Net Assets The net assets, which total $76,549, consist of the unre-stricted net assets, temporarily restricted net assets, and permanently re-stricted net assets. Restating the basic accounting equation illustrates therelationship among the net assets, the liabilities, and the assets:

Net assets = Assets – Liabilities

The net assets can thus be considered the “net worth” of the nonprofit.It is what is left over after all of the organization’s debt and other obliga-tions to pay have been removed. If the value of the assets is equal to thevalue of the liabilities, the net worth of the organization is zero. Eachcomponent of the net assets is defined here.

Unrestricted Net Assets Unrestricted net assets, which total $67.720, are thedollar value of net assets where there is no restriction on how the net assetcan be used. For example, if a donor contributes $10,000 to the nonprofitand does not specify how the donation must be used, that donation wouldbecome a part of unrestricted net assets. Unrestricted net assets do not haveany stipulations or restrictions for their use, other than legal or ethicalconsiderations.

Temporarily Restricted Net Assets Temporarily restricted net assets reflectthe dollar value of net assets that have a restriction on their use, but that re-striction has a time limit. For example, a donor may give land to the non-profit with the stipulation, or restriction, that the land cannot be sold forfive years. Since the land has a temporary restriction on its use, it is a partof temporarily restricted net assets. Once the time period for the restrictionpasses, the land is no longer a part of temporarily restricted net assets andbecomes a part of unrestricted net assets.

Permanently Restricted Net Assets Permanently restricted net assets are netassets that have restrictions on their use, and that restriction does not havea time limit. An example of a permanently restricted net asset is an en-dowment that allows the nonprofit to spend the interest, but never any ofthe principal.



Statement of Operations

The statement of operations is a summary of the nonprofit’s expenses andrevenue, gains, and other support over the entire accounting period, notjust at the end of the period. In the for-profit world, this statement is typ-ically called the “income statement” or the “profit and loss (P & L) state-ment.” As can be seen in Exhibit A.2, the accounting period for the samplestatement of operations is the entire month of December, 20X1, and thestatement tracks all of the movement of expenses and revenue, gains, and


sample statement of Exh ib i t A .2operat ions for the per iod end ing december 31, 20X1


Net Program A Revenue 30,421Net Program B Revenue 33,620Net Program C Revenue 10,555Other Revenues 3,576Donor Contributions 20,735Net Assets Released from Restrictions for Operations 300

Total Revenues, Gains, and Other Support 99,207

Expenses

Wages and Salaries 59,751Supplies 10,635Utilities 8,059Transportation 14,985Depreciation 2,572Bad Debt 1,035Other Expenses 1,018

Total Expenses 98,055

Total Operating Income 1,152Non-Operating Income (Investment) 975

Excess of Revenues over Expenses 2,127

Change in Net Unrealized Gains and Losses 105Net Assets Released from Restrictions Used for Equipment Purchase 437

Increase in Unrestricted Net Assets 2,669


other support for the month of December. The basic formula for the state-ment of operations is:

Revenues, gains, and other support – Expenses = Excess of revenues, gains and other support over expenses

As can be seen in Exhibit A.2, the statement of operations can also have“below the line” items. They are called that because they appear below theexcess of revenues over expenses. They affect the value of the unrestrictednet assets, but they are not considered either revenues or expenses. All ofthe items on the sample statement of operations are defined here.


In the sample statement of operations, the nonprofit has unrestricted rev-enues, gains, and other support coming from three programs (Programs A,B, and C), from donors, from net assets released from restrictions for oper-ations, and from other revenues. The total value of these amounts is$99,207. Each of these terms is explained here.

Program Revenues This nonprofit apparently has three programsthrough which it delivers a set of services or goods. These services or goodsare not provided for free, and each of the three programs generates a rev-enue stream. The total revenues of the three programs are $74,596, whichis a significant portion of the overall revenues. These revenues are termedunrestricted because there is no limitation as to how the nonprofit may usethese revenues, except legal and ethical considerations. The program rev-enues do not mean that the nonprofit has received any money for its serv-ices or goods. Remember, revenues are recognized when they are earned,not when they are paid. Once the service or good was sold, its price be-came a part of revenues. If the nonprofit extends credit to its clients, it maynot have received much, or any, of the money it was owed.

Gains A nonprofit earns gains when it sells an asset for a price higher thanthe value of the asset on the balance sheet. In the sample statement, thereare no gains.

Other Revenues The nonprofit has generated $3,576 from activitiesother than its main function or business. For example, the other revenues



could have come from parking fees. The function of this nonprofit is notto provide parking, so the fees are considered other revenues. In the caseof a hospital, one source of other revenues could be from the gift shop.Selling gifts and flowers is not the main function of the hospital, so any rev-enues generated by the gift shop are considered other revenues. Theseother revenues are termed unrestricted because there is no limitation as tohow the nonprofit may use these revenues, except legal and ethical con-siderations. Income that is generated from investments is not included inthe other revenues account. As you can see in Exhibit A.2, they are locatedin another section of the statement.

Donor Contributions During the month of December 20X1, the non-profit received unrestricted donor contributions totaling $$20,735. Thesecontributions are considered unrestricted other support. They are so termedbecause the donors apparently did not place any restrictions on how thecontributions could be used.

Net Assets Released from Restrictions for Operations In the discus-sion of the balance sheet, the definitions of temporarily and permanentlyrestricted net assets were covered. As the names imply, permanently re-stricted net assets do not have an expiration date for the restriction. How-ever, for the temporarily restricted net assets, the restriction can expire.Once the temporary restriction on temporarily restricted net assets expires,these net assets can be used for operations and become a part of the totalrevenues, gains, and other support. If the time restriction on the temporar-ily restricted net assets is removed but the net assets have been designatedfor equipment purchases, they do not become a part of total revenues,gains, and other support. They instead become a below the line item. Bothof these situations are reflected on this sample statement. The value of netassets released from restrictions for operations is $300. In the below the linesection of the statement, there are net assets released from restrictions to beused for equipment purchase; this amount totals $437.

Expenses

In the sample statement of operations, during the month of December20X1, the nonprofit had expenses from wages and salaries, supplies, utili-ties, transportation, depreciation, bad debt, and other. The total value of



these amounts is $98,055. This does not mean that the nonprofit paid out$98,055. Expenses are not recognized when they are paid; they are recog-nized once the underlying asset connected with the expense is used up orconsumed. For example, on the sample statement is a utilities expense of$8,059. This does not mean that the nonprofit has paid out $8,059. It onlymeans that during the month of December 20X1, the nonprofit consumed$8,059 worth of utilities. Each of the expense items is explained here.

Wages and Salaries During the accounting period, the nonprofit ac-crued $59,751 in wages and salaries expense. This means that the nonprofitused up the labor provided by its employees during the accounting periodand thus generated an expense equal to what the employees earned.

Supplies During the accounting period, the nonprofit used up $10,635worth of supplies. This does not mean that the nonprofit purchased thisamount of supplies or that the organization has paid for this amount of sup-plies; it means that it consumed this amount of supplies.

Transportation During the accounting period, the nonprofit experi-enced a transportation expense totaling $14,985. This is a high amount, soit may be that the nonprofit agency provides some kind of transportationservices for its clients.

Depreciation As discussed in Chapter 3, depreciation reflects how muchof a tangible asset was used up in the accounting period. Depreciation onlyapplies to items such as the nonprofit’s building (if it owns the building)and equipment. Depreciation is a way of recognizing that assets have a lim-ited life, even if it is a long one, and that assets lose value over time. Thisnonprofit is recognizing that it used up $2,572 worth of its long-life assets.

Bad Debt If an organization does not collect its fees and charges at thetime it sells its good or service, it will have to bill its clients. As discussedpreviously, net accounts receivable is the amount of outstanding invoicesand is money that is owned to the organization. However, not all invoicesare paid completely. Some invoices are partially paid and others are notpaid at all. If the invoice is a very old one and the nonprofit has not beenable to collect, it is doubtful that the organization will receive the money



it is owed. Once bad debt is recognized, its value is removed from net ac-counts receivable. Since part of the asset of net accounts receivable nolonger exists, the bad debt becomes an expense of doing business. Thisnonprofit is recognizing that it is not going to receive $1,035 that is owedto it.

Other Expenses This expense account is a catch-all account where mis-cellaneous expenses can be placed. If a significant amount of the expensesis in the other expenses account, the organization may not be subdividingthe expense accounts as much as it should. During the accounting period,this nonprofit had $1,018 in miscellaneous expenses.

Total Operating Income

The total operating income is $1,152. This is the difference between theexpenses ($98,056) and the unrestricted revenues, gains, and other support(99,207). Since this is a positive number, the organization is generatingmore unrestricted revenues, gains, and other support than expenses.

Nonoperating Income

Income generated from investments is not considered a part of the operat-ing income. Instead, it is placed on the statement below the total operat-ing income. This nonprofit earned $975 in investment income.

Excess of Revenues over Expenses

This item on the statement of operations is equal to the total operating in-come plus the excess of revenues over expenses. In this case, $1,152 plus$975 equals $$2,127. The $2,127 can be thought of as the “profit” madeduring the accounting period by the nonprofit. This nonprofit has morerevenues than it has expenses, which is a better situation than the reverse!If expenses are consistently greater than revenues, the nonprofit will havea difficult time of surviving.

Below the Line Items

The sample statement of operations has two below the line items—changein net unrealized gains and losses ($105), and net assets released from



restrictions used for equipment purchase ($437). The change in net unre-alized gains and losses recognizes that one or some of the unrestricted as-sets owned by the nonprofit have increased in value and are now valuedhigher than they were on the balance sheet of the previous accounting pe-riod. However, we don’t want to count this increase in value as a part ofrevenues because the organization has not yet “realized” the extra value.The nonprofit still owns the asset, so the increase in value is considered un-realized. If the asset is sold, any gains made will then be realized.

The net assets released from restrictions used for equipment purchase($437) indicates that some temporarily restricted net assets were releasedfrom restriction, but the net assets were designated for equipment purchaseuse. The $437 should not thus be considered part of the total operating in-come, since it will be used to purchase equipment.

These items are called “below the line” because they appear on thestatement below the excess revenues over expenses. They are placed belowthe line because they do not affect the value of the excess of revenues overexpenses. Why then are they on the statement of operations? They are therebecause the statement of operations is used to create another of the basic fi-nancial statements—the statement of changes in net assets. The below theline items do not affect the value of excess revenues over expenses, butthey do affect the value of the unrestricted net assets. Since we need toknow the value of the change in unrestricted net assets to create the state-ment of changes in net assets, we thus include the below the line items onthe statement of operations.

Increase in Unrestricted Net Assets

The increase in unrestricted net assets is equal to the excess of revenuesover expenses ($2,127) plus any below the line items ($105 plus $437). Inthe sample statement of operations, the increase in unrestricted net assets is$2,669. If the total of the excess revenues over expenses and the below theline items had been a negative number, there would have been a decreasein unrestricted net assets. This figure will be used in the statement ofchanges in net assets.



Statement of Changes inNet Assets

The purpose of the statement of changes in net assets is to account for anychanges in the net assets from one accounting period to the next. A sam-ple statement of changes in net assets is shown in Exhibit A.3.

The statement of changes in net assets includes any changes in all threecategories of net assets—unrestricted, temporarily restricted, and perma-nently restricted. The statement contains information from the balancesheet and from the statement of operations. Each section of the samplestatement is explained here.


sample statement of changes Exh ib i t A .3in net assets for the per iod end ing december 31, 20X1


Excess of Revenues over Expenses 2,127Change in Net Unrealized Gains and Losses 105Net Assets Released from Restrictions Used for Equipment Purchase 437

Increase (Decrease) in Unrestricted Net Assets 2,669


Net Assets Released from Restrictions to Be Used for Equipment Purchase (437)Net Assets Released from Restrictions for Operations (300)Net Unrealized Gains and Losses 575

Increase (Decrease) in Temporarily Restricted Net Assets (162)


Net Unrealized Gains and Losses 289Contributions for Endowment Funds 1,500

Increase (Decrease) in Permanently Restricted Net Assets 1,789

Total Increase (Decrease) in Net Assets 4,296Net Assets, Beginning of Month 72,253

Net Assets, End of Month 76,549



This section of the statement simply contains the information from the lastfour items in the statement of operations. We already know from thestatement of operations that the unrestricted net assets were increased by$2,669. We also know the source of the increase—excess of revenues overexpenses ($2,127), change in net unrealized gains and losses ($105), and netassets released from restrictions used for equipment purchase ($437). Onthe sample balance sheet for December 20X1 (see Exhibit A.1), the valueof unrestricted net assets is $67,720. If we had the balance sheet for No-vember 20X1, the value of unrestricted assets would be $65,051, which is$2,669 less than the value for unrestricted net assets on the December20X1 balance sheet. The statement of changes in net assets shows whythere is a difference in the unrestricted net assets from November to De-cember, and shows the exact amount of the change.


This section of the statement shows the changes in the temporarily restrictednet assets. If you refer to the sample balance sheet (Exhibit A.1), you will seethat the value for temporarily restricted net assets is $3,216. If we had the bal-ance sheet for November 20X1, it would show a value of $3,378. Tem-porarily restricted net assets decreased by $162. How did this happen?

Two of the items in this section came from the statement of opera-tions—the net assets released from restrictions to be used for equipment pur-chase ($437), and net assets released from restrictions for operations ($300).We don’t see the actual value of this particular net unrealized gains andlosses ($575) on either the balance sheet or the statement of operations, butthe transaction did occur and was recorded in the books. We thus includeit in this section.

The temporarily restricted net assets released from restrictions to be usedfor equipment purchase is a negative number since these net assets were re-leased from their temporary restriction and moved into unrestricted net as-sets. When these net assets were released from restriction, they weredesignated for equipment purchase. If you refer back to the sample state-ment of operations (Exhibit A.2), you will find this transaction recorded asone of the below the line items and see how these temporarily restrictednet assets moved into unrestricted net assets.



The temporarily restricted net assets released from restrictions for oper-ations is also a negative number since these net assets were released fromtheir temporary restriction and moved into unrestricted net assets. If yourefer back to the sample statement of operations (Exhibit A.2), you willfind this transaction reported in the unrestricted revenues, gains, and othersupport section of the statement. You will also be able to see how thesetemporarily restricted net assets moved into the unrestricted net assets.

The net unrealized gains and losses ($575) reflect the increase in value inone or more of the temporarily restricted net assets. This is a positive num-ber since the value of the restricted net asset increased.


This section of the statement shows any changes in permanently restrictednet assets. If you refer to the sample balance sheet (Exhibit A.1), you willsee that the value of permanently restricted net assets is $5,613. If we couldsee the balance sheet for November 20X1, the amount would be $3,824.There was an increase of $1,789. How did this happen?

The increase came from two sources—net unrealized gains and losses($289) and contributions for endowment funds ($1,500). Permanently re-stricted net assets cannot ever be considered revenues since they cannot beused for operations. The net unrealized gains and losses ($289) reflect theincrease in value in one or more of the temporarily restricted net assets.This is a positive number since the value of the permanently restricted netasset increased. By the same token, the contributions for endowment fundscannot be used for anything other than the endowment funds, so they in-creased the value of permanently restricted net assets by $1,500.

Total Increase (Decrease) in Net Assets

The total increase in net assets is the sum of all of the changes in the threecomponents of net assets. The amount of the increase ($4,296) is equal to$2,669 minus $162 plus $1,789.

Net Assets, Beginning of Month

This amount ($72,253) could be found on the balance sheet for the end ofNovember 20X1.



Net Assets, End of Month

The amount ($76,549) of the net assets at the end of the month is equal tothe net assets at the beginning of the month ($72,253) plus the amount ofthe increase in net assets ($4296). If you refer to the sample balance sheet(Exhibit A.1), you will see that the total net assets are equal to $76,549.

Statement of Cash Flows

The statement of cash flows tracks the flow of cash into and out of the non-profit. Since we are using the accrual basis of accounting, none of theother three financial statements tracks the movement of cash. Most organ-izations want to know where their cash came from and where it went dur-ing the accounting period, and the statement of cash flows achieves thatpurpose. As shown in Exhibit A.4, the sample statement of cash flowstracks the cash flows from operating, investing, and financing activities.


This section of the statement uses the change in net assets to create the cashflows for operating. Since we are using the accrual basis of accounting,however, some of the transactions that changed the amount of the net as-sets did not actually cause cash to flow into or out of the organization. Thismakes it somewhat difficult to determine the cash flows from operating ac-tivities. For example, from the sample statement of operations (ExhibitA.2), there is a $2,572 expense for depreciation. This expense reduced thenet assets by reducing the amount of excess of revenues over expenses,which reduced the amount of increase in the unrestricted net assets. How-ever, no cash actually moved into or out of the organization. We add the$2,572 back to the change in net assets to reflect that no cash flowed outof the nonprofit. The same thing is true for the $1,035 bad debt expense,so that amount is also added back. The total of the expenses that are addedback equals $3,607.

Other items are subtracted since the items did not actually increase theamount of cash, but did increase the amount of net assets. For example,according to the sample statement of changes in net assets (Exhibit A.3),we received a permanently restricted contribution of $1,500. However,that cash is a non-current asset limited as to use; it is not cash that is avail-



able for operations. The $1,500 is thus subtracted. Similarly, we had netunrealized gains and losses of $971. Since these gains are unrealized, nocash flowed into the nonprofit, but the value of the net assets increased.The $971 is also subtracted. From these two items, a total of $2,471 issubtracted.


sample statement of cash Exh ib i t A .4flows for the per iod end ing december 31 , 20X1


Change in Net Assets

Adjustments to Reconcile Changes in Net Assets toNet Cash Provided by Operating Activities: 4,896

Depreciation 2,572Net Unrealized Gains and Losses (971)Bad Debt 1,035Restricted Contributions Received (1,500)Increase (Decrease) in:

Net Accounts Receivable (6,544)Accounts Payable 2,000Wages and Salaries Payable 13,350Supplies Payable 1,477Utilities Payable 2,478Long-Term Debt, Current 500

Net Cash Provided by Operating Activities 19,293


Purchases of Investment (5,175)Capital Expenditures (12,996)

Net Cash Flows Used in Investing Activities (18,171)

Cash Flows from Financing Activities

Increase in Long-Term Debt 5,100Payments on Long-Term Debt (3,512)

Net Cash Used in Financing Activities 1,588

Net Increase in Cash and Cash Equivalents 2,710

Cash and Cash Equivalent at Beginning of Year 1,548

Cash and Cash Equivalents at End of Year 4,258


Any increase in the current liabilities decreases the value of the net as-sets. However, having an increase in current liabilities doesn’t decrease theamount of cash in the organizations. Until those liabilities are paid, theyhave no effect on cash. Thus, all of the increases in current liabilities thatoccurred from the end of November to the end of December 20X1 areadded back in. In our sample statement of cash flows, that includes ac-counts payable, wages and salaries payable, supplies payable, utilitiespayable, and long-term debt, current. The total of the increases in currentliabilities that is added equals $19,805.

Any increase in net accounts receivable increases the change in the netassets. However, this increase in net accounts receivable does not causecash to flow into the nonprofit. The $6,544 increase in net accounts re-ceivable is subtracted.

The net cash provided by operating activities totals the change in net assetsand the adjustments. The net cash provided by operating activities ($19,293)equals $4,896 plus $3,607 minus $$2,471 plus $19,805 minus $6,544.


The cash flows from investing activities are easier to determine. In our ex-ample, the nonprofit purchased equipment that cost $5,175. When thepurchase was made, cash did flow out of the nonprofit. Similarly, the non-profit had capital expenditures of $12,996, and these expenditures resultedin an outflow of cash. The total net cash flows used in investing activitiestotals equals a negative $18,171, which is $5,175 plus $12,996.


The cash flows from investing activities in our sample come from increasesin long-term debt and payments on long-term debt. Increases in long-termdebt would cause an inflow of cash ($5,100), but payments on long-term debtwould decrease the amount of cash ($3,512). The net cash used in financ-ing activities ($1,588) equals $5,100 minus $3,512.

Net Increase in Cash and Cash Equivalents

The net increase in cash and cash equivalents ($2,710) is equal to the netcash flows from the operating, investing, and financing activities. The netincrease of $2,710 equals $19,293 minus $18,171 plus $1,548.



Cash and Cash Equivalents at the Beginning of the Month Thisamount is on the balance sheet for the end of November 20X1. Theamount of this current asset was $1,548.

Cash and Cash Equivalents at the End of the Month The cash andcash equivalents at the end of the month ($4,258) are equal to the cashand cash equivalents at the beginning of the month ($1,548), plus the netincrease in cash and cash equivalents ($2,710).



189

Whistleblower Protection Policy

Appendix B

[Agency nameStreet address

City, State, Zip code]

Whistleblower Protection Policy

The whistleblower protection policy is being implemented at the [agencyname] to comply with the Public Company Accounting Reform and In-vestor Protection Act of 2002 (Sarbanes-Oxley). This provision in the legis-lation applies to all organizations, not just publicly traded ones.

At the [agency name], any staff member or volunteer who reports waste,fraud, or abuse will not be fired or otherwise retaliated against for making thereport.

The report will be investigated and even if determined not to be waste,fraud, or abuse, the individual making the report will not be retaliated against.There will be no punishment for reporting problems—including firing, de-motion, suspension, harassment, failure to consider the employee for pro-motion, or any other kind of discrimination.

There are several ways to make a report of suspected waste, fraud, orabuse:

• Call the anonymous hotline at [phone number].

• Send an e-mail to [e-mail address].

• Submit a report in writing.

Here is what we will do to investigate the report:

[The agency would list the steps it would take to investigate the allegation.]

Here is how we will follow up to report on our findings:

• Provide the person filing a report with a summary of our findings.

• Take steps to deal with the issue addressed, including making opera-tional or personnel changes.

• If warranted, contact law enforcement to deal with any criminalactivities.

ch13_appb_4386.qxd 2/10/05 10:19 AM Page 189

ch13_appb_4386.qxd 2/10/05 10:19 AM Page 190

191

Document Retention andStorage Protocols

Document Retention Policy—Talking Points

Key areas for explanation in a document retention policy include:

• Why does the agency need a document retention and storage policy?

It’s required by the Public Company Accounting Reform and In-vestor Protection Act of 2002 (Sarbanes-Oxley).


See list of documents under “Writing the Policy—TalkingPoints.”

• Why is there a rule against document destruction? When should younot destroy materials?

If an official investigation is underway or even suspected, non-profit management must stop any document purging to avoid crimi-nal obstruction charges.

Writing the Policy—Talking Points

• What is document retention and storage policy—and why is it re-quired by law?

Appendix C

ch14_appc_4386.qxd 2/10/05 10:19 AM Page 191

It’s not just a best practice—it’s the law and it applies to all or-ganizations in this country. Your nonprofit has an obligation to yourdonors, your clients, your board, and your staff to ensure thatyour organization complies with this component of Sarbanes-Oxleylegislation.

• How does it work?

In this section of the policy, provide your staff and volunteers withsome clear guidelines. (Just emphasize the important issues—theguidelines should not be voluminous. If your guidelines are over 10pages, consider if all of the information is necessary and sufficient.)

• The guidelines should answer the questions:

• How do I start?

• What should my files look like when I’m finished?

• How long do I have to do this?

• What files should I ensure are retained and stored (this is discussedin the next section)?

• When should I not destroy files?

When an instruction is sent to everyone at the agency to stopdocument destruction. You are expected to stop destroying doc-uments until you receive an instruction stating that document de-struction can resume.

• How do we maintain files and determine which are sent to stor-age? Also discuss when files can be destroyed (after X number ofyears—depending on the type of file—and not when a morato-rium is in place).

• Documents. Not all of these document categories are applicable toyour nonprofit, so only include the ones that are and add those spe-cial document categories that your nonprofit needs (but might nothave been on the list). Be sure to include a brief description of thesedocuments that would be meaningful to the staff and volunteers atyour nonprofit.

Here is a list of the types of documents your nonprofit would needto store/archive and be able to retrieve:

• Financial documents, reports, analysis, and forecasts

192 appendix c document retention and storage protocols


• Donor records, history, and correspondence

• HR records, including volunteer and board files and contracts withyour nonprofit’s management, staff, and volunteers (if applicable)

• Documents that reflect the sale of property, merchandise, or anytangible or intangible assets

• Documents that a regulatory agency or the law requires you to re-tain, such as tax returns, business license document, professional li-censes, vehicle registration forms, and correspondence regardingthese documents or about your nonprofit’s operations

• Documents containing information that an auditor or regulatorwould need to review

• Contracts with vendors for services, including insurance policies,auditor contracts (particularly to demonstrate that the auditingfirm is not providing any other services to your nonprofit)

• Contracts with external clients (such as public sector agencies) toprovide services to these external clients

• Client files and correspondence

• Donor files and correspondence with donors

• Proposals in response to requests for proposals (RFPs)

• Documents related to your nonprofit’s operations

• Instant message or e-mail that contains negotiations for a contractor other legal agreement

• Business transactions—any document that would provide proofthat your nonprofit took action in a business, contractual, or legalmatter

Special Designations forSensitive Documents

Design a simple classification system that allows for some of the documentsto be classified as confidential, private, or other designation that precludesthem from general access. Again, the fewer documents that need a specialclassification, the better. You don’t want to have to invoke the “Freedomof Information Act” protocol to access your own files.

special designations for sensitive documents 193


Storing and Archivingthe Documents

Develop rules for managing, storing, preserving, and archiving electronicmessages or other electronic data. The rules should address the importantissues, including the types of documents that are to be retained and howthey are to be stored. The process need not be complicated, but the rulesneed to be standardized—there is no room for doing your own thing. Staffand volunteers need to understand that they are obligated to adhere to therules—or face the consequences. The rules should also include steps to betaken to ensure that the documents cannot be tampered with—such asusing PDF files or passwords. It is particularly important to store financialrecords in such a way as to ensure that they represent a true and honest pic-ture of the nonprofit’s financial profile and/or other financial description.Regulators will expect to be able to rely on the accuracy of all of your elec-tronic records—no exceptions.

Testing the System

Develop a means by which the document retention system will be testedon a regular basis to ensure that documents are stored properly, and moreimportantly, can be retrieved quickly. Staff and volunteers should under-stand that the audits will be random and unannounced. There should beconsequences for non-cooperation that should be meted out quickly tosend a message to the entire organization.

194 appendix c document retention and storage protocols


195

Audit Committee Proceduresand Protocols

Audit Committee

This committee should be in place, no matter how small the nonprofit orits board. The purpose of the committee is to provide oversight to the an-nual audit, or for small nonprofits, the annual review of financials.

Composition of the Committee

The committee needs to include:

• One financial professional

• Two to four members of the board who are not also members of thefinance committee

Committee Functions andDeliverables

[The agency would present these functions and deliverables in a mannerthat meets the agency’s needs.]

• The committee is to serve as a liaison between the auditor and theboard and to ensure that the auditing firm is appropriate for a non-profit audit (skill set and experience), and to review the performanceof the auditing firm.

Appendix D

ch15_appd_4386.qxd 2/10/05 10:20 AM Page 195

• The committee is to ensure that the auditor is not also providingconsulting services to the nonprofit, such as bookkeeping, financialinformation systems, HR outsource services, legal services, or otherprofessional services that do not relate to the audit.

In the past, this practice was permitted, but SOX best practicesstrongly recommend that the nonprofit’s auditor provide only audit-ing services. Other consulting services should be provided by an-other firm. Additionally, the nonprofit should use the same auditingfirm for between three to five years. If the auditing firm is largeenough, other partners or associates can rotate to provide auditingservices to the nonprofit. In any event, members of the auditing firmshould not be recruited to serve on the nonprofit’s board or on theauditing committee.

• The committee needs to ensure that the auditor has no financial orbusiness connections to individual board members.

• The audit committee should meet with the auditor to review theaudit and make recommendations regarding board approval, or pro-vide recommendations for modifications. The committee makes theserecommendations to the full board, which ideally, meets with the au-ditor to discuss the audit.

• One of the audit committee’s most important deliverables is to ensurethat if the audit produces a management letter, the issues outlined inthe letter are remedied immediately.

• The audit committee should be in operation for two months at mostevery year.

196 appendix d audit committee procedures and protocols

ch15_appd_4386.qxd 2/10/05 10:20 AM Page 196

197

Conflict of Interest Policy

Aconflict of interest policy and set of procedures, including a disclo-sure statement, need to be in place for the purposes of educating the boardon its legal obligation of loyalty and on what constitutes a conflict of in-terest. Procedures need to be in place to disclose real and potential conflictsof interest, and appropriately deal with these disclosed conflicts in subse-quent board discussion and voting. All board and senior management needto complete a conflict of interest statement on an annual basis. Board min-utes need to reflect a member’s abstention from discussion and voting on atopic that presents a conflict of interest.

Talking Points

What Is a Conflict of Interest and Why Is It a Serious Issue?

Here are some reasons why real or potential conflicts of interest need to bedisclosed:

• Legal standard of loyalty requires board members to put the financialinterests of the nonprofit ahead of any personal gain. One way toachieve this is to identify those relationships and/or business dealingsthat either present a conflict of interest or have the potential for beinga conflict of interest.

• By signing a letter indicating real or potential conflicts of interest, orstating that the individual has none, the nonprofit has a record ofthose areas that may pose a conflict of interest for individual board

Appendix E

ch16_appe_4386.qxd 2/10/05 10:20 AM Page 197

members. The nonprofit can then take steps to ensure that the indi-vidual board member does not take part in discussions or votes relatedto those areas.

• Transparency and full disclosure are very important in today’s non-profit environment.

Procedures for Dealing with Conflict of Interest

• Conflict of interest letters are signed on an annual basis.

• When a board discussion addresses an area that has been identified asa conflict of interest, the individual involved is excused from the dis-cussion and not permitted to vote. This is recorded in the minutes ofthe meeting.

• The board reserves the right to ask an individual who presents a veryserious conflict of interest to resign from the board, or be placed in acapacity that neutralizes a conflict of interest.

198 appendix e conflict of interest policy


Sample Conflict of Interest Letter

sample conflict of interest letter 199


City, State, Zip code][Date[Board member nameStreet addressCity, State, Zip code]

Please complete and sign this annual conflict of interest statement.We appreciate your hard work on the [agency name] Board.

I, [board member name], state that I have/do not have the follow-ing personal, business, or professional relationships that may pres-ent a conflict of interest:

(Circle appropriate statement.)

I do not have any conflicts of interest.

I have the following relationships or business interests that maypose a conflict of interest:

(List those relationships and businesses that might pose as conflict ofinterest.)

As a member of the [agency name] Board, I commit to placing theagency’s interest and gain ahead of my own, and will further com-mit to excusing myself from any discussion or votes related to thoseareas in which I may have a conflict of interest.

Signed,

[Board member name

Date]


201

Code of Ethics for Board andSenior Management

This policy describes the types of behavioral expectations that relate tothe roles of board members and members of senior management and es-tablishes a confidential means by which employees or volunteers can raiseethical concerns. One particularly significant provision is the prohibitionagainst any type of loan or financial gift by the nonprofit to a board mem-ber or member of the staff at any level. Note: board, staff, and volunteersshould be required to read/sign the code of ethics.

Ensure that each category addresses how the nonprofit commits to beingin compliance with laws and regulations, being accountable to the public,and responsibly handling resources.

Talking Points

• Organizational values that are present or expressed in the nonprofit’smission and other supporting documents such as strategic plans.

• Mission

• Governance

• Conflicts of interest

• Legal compliance

• Responsible stewardship of resources and financial oversight

• Openness and disclosure

Appendix F

ch17_appf_4386.qxd 2/10/05 10:21 AM Page 201

• Professional integrity, as these related to all aspects of services ren-dered and in the process of development/fundraising

• Other issues that relate to how your nonprofit operates

Sample Code of Ethics fora Nonprofit Board Member

202 appendix f code of ethics for board and senior


City, State, Zip code]

Board Member Code of Ethics

As a member of the [agency name] Board, I will:

• Endeavor at all times to place the interest of the [agency name]above my own.

• Be diligent in the performance of my duties, come prepared toall board meetings, and fulfill my obligations as a board member.

• Not seek or accept any personal financial gain from my mem-bership on the board of the [agency name].

• Seek to continually improve my knowledge of the [agencyname] and the nonprofit sector.

• Strive to establish and maintain dignified and honorable rela-tionships with my fellow board members, the [agency name]staff, clients, and donors.

• Strive to improve the public understanding of the mission andvision of the [agency name].

• Obey all laws and regulations and will avoid any conduct or ac-tivity that would cause harm to the [agency name].

ch17_appf_4386.qxd 2/10/05 10:21 AM Page 202

203

Board of Directors—GovernanceProfile and PerformanceExpectations

This document outlines the roles and duties of the board, includingthe distinction between governance roles and management roles within thenonprofit.

Oversight and Policy Making

• Supervise executive director (ED) or CEO of the nonprofit

• Oversight in areas of:

• Financial operations

• Internal controls

• Compliance with federal, state, and local laws and regulations

• Ultimate control and authority and responsibility for the nonprofitoperations

Term Limits

All board members should be subject to term limits. When a boardmember joins the board, it should be for a specified number of years.There should also be a specified number of consecutive terms that a board

Appendix G

ch18_appg_4386.qxd 2/10/05 10:21 AM Page 203

member can hold (usually two). There’s no point in having term limits ifa member can serve ad infinitum. There should also be a specified numberof years that the person must be off the board before he or she can be al-lowed to rejoin the board. Former board members can certainly be as-signed to other projects or committees, such as the audit committee, totake advantage of their knowledge and skills.

Summary of Board Committees’Descriptions and PerformanceObjectives

Here are some types of committees that could be useful to your nonprofit.Not all nonprofits need every committee, so choose what works for you.

• Finance committee

• Audit committee

• Development and fundraising committee

• Personnel committee

• Nominating committee (for the board of directors)

• Facilities committee

• Strategic planning committee

• Risk management committee

Process for Board MemberNomination and Election

Here’s a recommended process for identifying suitable board candidates,screening the candidates, and preparing a slate for board consideration.

1. Director recruitment. A list of potential candidates for the board can bedeveloped through board member suggestions, networking, and bymeans of a community nonprofit clearinghouse.

2. Speak informally with each potential candidate to determine his orher interest in joining the board, the candidate’s individual creden-tials, and suitability.

3. Those candidates who express interest should be permitted to ob-serve one or two of the nonprofit’s board meetings.

204 appendix g board of directors—governance profile


4. The nominating committee arranges for formal interviews withthose candidates who would like to be considered. Board memberobligations and performance expectations are discussed with candi-dates. Candidates are requested to present either a recent résumé orcurriculum vitae.

5. The nominating committee presents the slate of candidates to theboard. The board has been given the candidates résumés/CVs priorto the board meeting. A vote is taken on the slate, or by individualcandidate.

6. Candidates are notified by phone, and a follow-up formal lettercongratulating them on their election to the board. New boardmembers should also be told when the board orientation will takeplace (see Appendix H for an orientation lesson plan), and how theycan expect to receive a binder with board materials. New boardmembers should also receive a conflict of interest letter for theircompletion and signature. New board members should also bepaired with a current board member as a mentor.

process for board member nomination and election 205


207

Board Orientation Session

The session should be approximately 60 to 90 minutes in length. Thelearning objectives of this orientation include:

• New board members understand the nonprofit’s mission, vision, andstrategic plan.

• New board members have an understanding of the nonprofit’s historyso they can appreciate where the organization has been and where itis headed.

• New board members understand their obligations and performanceobjectives.

• New board members understand the board policies on meetings, at-tendance, conflict of interest, and other policies that emerge fromSOX best practices.

• New board members have received their job descriptions and under-stand their performance expectations and fiduciary obligations asboard members.

Outline of Curriculum

• Introductions

• Agency’s mission, vision, and strategic plan. This segment of the orienta-tion provides an overview of the nonprofit’s mission, vision, andstrategic plan. These documents should be part of the new boardmember’s “board binder.”

Appendix H

ch19_apph_4386.qxd 2/10/05 10:22 AM Page 207

• Agency’s history. This segment of the orientation should provide newboard members with a brief history of the organization. Use of a timeline to describe important events in the organization’s history can behelpful.

• Being a board member. This section reviews the expectations of all boardmembers. Particular emphasis should be on describing board memberlegal duties of care, loyalty, and obedience. Explain why board mem-bers are required to sign an annual conflict of interest letter, and whythey need to review materials carefully before board meetings. It isimportant that the discussion parallel the materials found in the“board binder,” but also allow time for questions and answers.

• Board member performance expectations. This segment reviews the mate-rial in the “board binder” on attendance requirements, conflict ofinterest policy, fiduciary obligations, financial support of the agency,code of ethics, and keeping informed about the agency’s operations.

• Board member job description. This section is really a summary ofthe previous two sections and is presented so that board members un-derstand their role in a more integrated fashion. If the agency has acommittee system, describe how board members are placed on com-mittees and performance expectations for committee members.

• Role of the board mentor. If the new board member has been paired upwith a seasoned board member, describe how the interaction willserve to enrich the new board member’s experience and provide himor her with a resource for questions or learning.

Board Binder Contents

• Agency mission and vision statements

• Agency strategic plan

• Brief history of the agency

• Financial statements from the past three months

• Development and fundraising profile of the agency

• Board member legal duties—care, loyalty, obedience

• Board policies:

• Meeting attendance and preparation expectations

208 appendix h board orientation session


• Fiduciary obligations and conflict of interest policies

• Financial support of the agency

• Code of ethics

• Committee structure [if applicable]

• Board roster

• Staff roster

board binder contents 209


211

Review of Internal ControlsReport and Recommendations

Overview of the Project

Describe:

• Scope of the review and why it is being conducted

• What the process for the review entails

• Expected deliverables from the review

Systems

Explain why the emphasis is on internal systems, and express (chart out ifnecessary) the types of interdependencies that exist within the agency’s in-ternal systems. For each department, provide a brief description of each ofits systems and discuss what other departments depend on of each depart-ment. For example:

• Finance. Describe the systems of internal controls, the systems for pay-roll, receivables, and payables.

• Information management. Describe the systems within the broad rangeof technology, such as e-mail, intranet, Internet access, software in-terdependency, and mobile technology, including cell phones, PDAs,and laptops.

Appendix I

ch20_appi_4386.qxd 2/10/05 10:22 AM Page 211

• Human resources. Describe the required policies that are (or will be) putin place such as whistleblower protection, and how staff files are de-veloped and kept up to date. Describe how performance expectationsand performance reviews are coordinated. Describe other processessuch as worker compensation claims process, benefit package admin-istration, sick leave, and vacation time administration.

• Operations. Describe the systems related to document retention (oridentify if this system needs to be introduced), client intake and serv-ice, programmatic design and delivery, development, and other aspectsof the agency’s operations.

• Governance. Describe the agency’s governance system in terms ofprocess for agenda development, strategic decision-making, boardrecruitment, and staffing.

• Other areas of the nonprofit. This section would describe systems uniqueto the agency.

Recommendations and Time Line

This section presents recommendations for those systems and policies thatare specified by recent legislation (SOX or equivalent state law), and thosesystems and policies that need to be introduced to establish greater trans-parency and efficiency. Establish a reasonable time line and assign specificstaff for completion of the deliverables identified in this section. For eachdeliverable, assign a staff member who will be accountable for the deliver-able. Decide what you would be able to accomplish in:

• One month

• Three months

• Six months

Set a deadline for completing all of the systems/proof by 10 monthsfrom the start of the project. Book a look-back date (at the end of 10months) to determine if further work is needed.

212 appendix i review of internal controls report and

ch20_appi_4386.qxd 2/10/05 10:22 AM Page 212

213

Risk Management Plan

Profile

As discussed in Chapter 9, the first component of a nonprofit’s risk man-agement plan is the profile of the organization. In this section of the riskmanagement plan, briefly review your nonprofit’s mission, and importantstatistics such as number of staff, clients served, and the like.

It is also important in this section to list those SOX best practices thatyour nonprofit has adopted, or is in the process of adopting. The contentof the profile should set the tone for your nonprofit’s commitment tobeing proactive in dealing with risk.

Risk Management Worksheets

The risk-assessment worksheets for this plan correspond to the discussionin Chapter 9.

Appendix J

ch21_appj_4386.qxd 2/10/05 10:23 AM Page 213

Worksheet 1—List Areas of Concern

Organizational Area Concerns

Governance—board activities

Staff/volunteer

Operations

Relations with the public

214 appendix j risk management plan

Worksheet 2—Tier 1 and Tier 2 Risks

Tier 1 risks are those risks that are the most frequent or cause the most concern. Tier 1 risks receive the highest priority in terms of effort and resources.

Tier 2 risks are those risks that the nonprofit wants to address, but because of time, staff, or resource constraints may have to address in the next round of risk assessment.


Worksheet 3—Strategies for Dealing with Risk

Risk Strategy for Dealing with the Risk

worksheet 4—time line 215

Worksheet 4—Time Line

Responsibility

Risk Recommended Action (Staff Member)


Worksheet 6—Risk Management Plan Template:Table of Contents

Risk assessment report for the FY or calendar year 20XX

Nonprofit’s profile

Goals and objectives

Risk assessment for each of the four (4) organizational areas: gover-nance, staffing/volunteers, operations, and relations with the public

• First-priority risks:

• Resources needed to address these risks

• Techniques for each risk

• Responsibilities and timelines

• Desired outcomes/measurements of success

• Documentation of prior claims, occurrences

• Summary—risks that will be addressed this year; what will bedone; when it will be done; who is responsible for the action


Worksheet 5—Risk Administration and Monitoring

Complete this worksheet three to six months after implementing a risktreatment strategy.

Evaluation of Success—Did the

Identify Risk Treatment Have the Desired Effect?


For consideration in the next round of risk assessment:

• Second-priority risks






Other sections of risk management program:

• Important documents—insurance policies (declaration sheet only)

• Phone numbers of insurance professional, attorney, board of di-rectors, other key staff, and volunteers

• Risks to be considered for next FY or calendar year

Sample Risk Management Plan:Table of Contents

Risk assessment report for the FY or calendar year 20XX

Nonprofit profile—this section of the plan provides information on thenonprofit’s current status. This section would describe the SOX bestpractices that the nonprofit has implemented.

Plan of action to address the risk assessment report

First-priority risks—these risks are the ones that the nonprofit will ad-dress first. For each risk, describe the following:

• Resources needed to address the risk





Second-priority risks—these are the risks that the nonprofit will addressafter the primary risks have been treated. These could also be the pri-mary risks for the next round of risk assessment.



sample risk management plan: table of contents 217


• Responsibilities and time lines



Other sections of risk management plan

• Important documents—insurance policies (declaration sheet only).Include just the cover page of each of your insurance policies (i.e.,the page that has the limits of the coverage listed on it).

• Phone numbers of insurance professional, attorney, board of di-rectors, other key staff, and volunteers

• Risks to be considered for next FY or calendar year —this is thesection of the plan in which emerging issues can be documented.



219

Business Continuity Plan

This appendix provides a fill-in-the-blanks method of developing aninitial business continuity plan. Once the initial plan is compiled, yournonprofit will be able to see how the plan can be customized to meet yourorganization’s needs. It is very important to include only the informationthat is necessary and sufficient. There should be systems in place to back upfiles, databases, and other critical information so that your nonprofit can re-sume operations in another location if necessary.

Emergency Protocols

This section of the plan should:

• Include a floor plan(s) for each floor in your nonprofit—the emer-gency exits should be shown clearly

• Include information on fire alarms (if applicable) and smoke detec-tors and instructions for evacuating the building in the event of anemergency

• Provide instructions for dealing with the type of emergencies thatare appropriate to your geographic location (i.e., earthquakes, torna-does, etc.)

• Give the location of fire extinguishers, first aid kits, and flashlights

• Ensure that fire extinguishers are current, and are inspected andrecharged as appropriate

• Identify those individuals who are first-aid and CPR certified

Appendix K

ch22_appk_4386.qxd 2/10/05 10:23 AM Page 219

Contact Information for BoardMembers and Staff

Important! The data contained in this worksheet is confidential materialand should have very limited distribution.

You can paste the contact information for all board, staff members, andkey volunteers in this section of the plan. The following categories of in-formation should be provided for everyone on the list:

Name

Address

Home phone

Office Phone

Cell phone

Family member’s cell phone number

Pager

Fax

Business e-mail address

Personal e-mail address

Business Resumption Strategiesfor Each Department withinYour Nonprofit

Complete a strategy sheet for every department within your nonprofit.

• For each department or function within your nonprofit, list the most im-portant activities or tasks that have to be done to remain in operation.

• What are the ways in which the nonprofit can ensure that these func-tions can continue or resume—perhaps at another location?

• What are the materials and/or supplies that would be needed to re-sume these functions if the nonprofit’s offices are destroyed?

• Provide an inventory of furnishings, equipment, and specialized soft-ware/hardware and other technology needs.

• Cross training of the staff is essential. Ensure that more than one in-dividual knows how to do each important task or function.

220 appendix k business continuity plan


Communication

• Internal communication. Identify the strategy for communicating withthe board, staff, volunteers, and clients about the nature of the busi-ness interruption and how to contact the nonprofit.

• External communication. Prepare a general statement that can be re-trieved in the event of a business interruption. The statement shouldidentify the name of the nonprofit, the name of the spokesperson,contact information for the spokesperson, provide a general descrip-tion of what happened (the fewer the details, the better), and infor-mation about the location of the nonprofit and how to make anemergency donation (if applicable).

• This section should contain the contact information for the local media.

Financial Services

[Confidential—only include this section in the copies of the plan distrib-uted to the executive committee of the board, the executive director, andthe CFO.]

In this section of the plan, include the account information for all fi-nancial accounts—banks, investments, and other financial instruments. Thepurpose of this section is to have the information available on a “need toknow” basis for those senior board and staff members who are authorizedto make transactions with your nonprofit’s bank and other financial serv-ice providers. For each bank and/or financial service provider, provide thefollowing information:

• Signature authority for your nonprofit—list the names and contact in-formation for all signatories.

• Bank codes and other security access information

Vendors

Vendors are very important people to your nonprofit in the event of a se-rious business interruption. As you determine which vendors to include,consider commercial realtors, plumbers, electricians, locksmiths, window-repair, and the like. IT vendors are always important, particularly if yournonprofit has to relocate.

vendors 221


Have at least the following information available for each vendor:

Vendor name

Contact person for your nonprofit’s account with the vendor

Customer service manager (if the contact person is not available)

Phone number

Cell phone or pager

Fax number

Your nonprofit’s account number

Person at your nonprofit who is authorized to place an order

Alternate person

Address of vendor

Service Providers—Utilities,Water, Governmental Agencies

Have at least the following information available for each service provider:

Contact person at the agency

Phone number

Cell phone or pager

Fax number

Your nonprofit’s identifying information (account number or ID number)

Person at your nonprofit who is authorized to interact with the agency

Alternate person

Address of agency

If Your Nonprofit Needsto Relocate

In this section, outline the materials and data that would be needed to re-sume operations in an alternative location. As you determine what youwill need, also consider the sources of these materials and the accountnumbers and/or security codes that will be necessary to access the mate-rials and data.

222 appendix k business continuity plan


• Vendors

• Essential equipment and material to support the critical functions ofthis department

• Contacts, account numbers, and security codes—identify the individ-uals who are in possession of this data

• Other materials needed

if your nonprofit needs to Relocate 223


225

Bibliography

AICPA. Sarbanes-Oxley Act/PCAOB implementation central. Retrieved onJune 25, 2004 from www.aicpa.org/sarbanes/index.asp.

Abernathy, K. Q. (2002). “Special alert: What WorldCom bankruptcy means toconsumers.” Focus on Consumer Concerns 2, no. 5. Retrieved on August 15,2004 from www.fcc.gov/commissioners/abernathy/news/worldcom.html.

About the Great Depression. Retrieved September 24, 2004 from www.english.uiuc.edu/maps/depression/about.htm.

Anderson, Christopher B. “Form 990: More Than Just a Tax Return.” The TaxAdvisor 35, no. 4, (April 2004), p. 200 (2).

Beattie, A. (2003). Why it’s all our fault: How investors often cause the market’sproblems. Retrieved on June 17, 2004 from www.investopedia.com/articles/basics/03/062003.asp.

Bonello, F. J. (2004). Stock exchange. Microsoft Encarta Online Encyclopedia. Re-trieved May 23, 2004 from http://encarta.msn.com/encyclopedia_761560145_2/Stock_Exchange.html#p67.

Borenstein, E. R. (1998). Legal need relative to non-profit and/or tax-exempt sta-tus of new organizations. Retrieved June 27, 2004 from www.muridae.com/nporegulation/.

Bumgardner, L. J. (2003). How does the Sarbanes-Oxley Act impact Americanbusiness? Journal of Contemporary Business Practice 6, no. 1. Retrieved on July19, 2004 from http://gbr.pepperdine.edu/031/sarbanesoxley.html.

CNN.com (1998). The market “circuit breakers”: How they work. Retrieved onJuly 17, 2004 from www.cnn.com/US/9809/01/market.circuit.breakers/.

Davis, R. R. (April 2004). Using disclaimers in audit reports: Discerning betweenshades of opinion. The CPA Journal, Online. Retrieved on August 3, 2004from www.nysscpa.org/cpajournal/2004/404/essentials/p26.htm.

Appendix L

ch23_appl_4386.qxd 2/10/05 10:24 AM Page 225

Editors of Career Press. Business Finance for the Numerically Challenged. Career Press:New Jersey, 1998.

Eichenwald, Kurt. “Arthur Andersen convicted of obstruction of justice.” TheNew York Times (June 15, 2002).

Emert, Carol. “Financial Irregularities Prompt Shakeups at Beard Foundation.”San Francisco Chronicle (September 15, 2004).

Estrada, Heron Marquez. “Theft at Paper Exposes Vulnerability of Nonprofits.”Minneapolis Star Tribune (October 4, 2004).

Everson, Mark W., Commissioner of the Internal Revenue Service. Testimonybefore the U.S. Senate Finance Committee hearings on “Charity Oversightand Reform: Keeping Bad Things from Happening to Good Charities,”Washington, DC, June 2004.

Evergreen State Society (2003). What is Form 990?: How is it used?. Retrievedon June 16, 2004 from www.nonprofits.org/npofaq/19/06.html.

Fabrizius, Michael P., and Richard M. Sarafini. “Learning to Love the Scrutiny:Initiating a Quality Assessment Can Help an Internal Audit Group Come Outon Top.” Internal Auditor 61, no. 1 (February 2004), p. 38(7).

Farrell, G. “Anderson staffer says phrase was a hint to shred.” USA Today (May 21,2002).

Francis-Smithy, Janice. “Sarbanes-Oxley Holds Big Implications for Nonprofits.”Journal Record (January 8, 2004): 1.

Hopkins, Bruce. “Sarbanes-Oxley Act of 2002: What It Means For NonprofitOrganizations.” Nonprofit Counsel XIX, no. 10 (October 2002).

Internal Revenue Service. “Corporate Responsibility.” Ann. 2002–87,37.

Jacobs, Jerald. “Conflict of Interest Policies—Address Them Now.” AssociationManagement 55, no. 5. Washington, DC (May 2003), p. 17 (2).

Lambert, Joyce. “Reduce Your Losses From Errors and Fraud.” Nonprofit World16, no. 5 (Sept/Oct 1998): pp. 46–49.

Lange, Michele, C. S. “Keeping Your Head: New Sarbanes-Oxley Rules MakeDocument Retention Dizzying.” Corporate Counsel Magazine (April 2003).

Light, Paul C. “Fact Sheet on the Continued Crisis in Charitable Confidence.”Brookings Institution, Washington, DC, September 13, 2004.

Markon, Jerry. “Ex-Chief of Local United Way Sentenced.” Washington Post(May 15, 2004).

Maryland Association of Nonprofit Organizations. “Standards for Excellence: AnEthics and Accountability Code for the Nonprofit Sector.” Baltimore, MD,2004.

226 appendix l bibliography


McDonough, Siobhan. “Survey: Charity CEO Raises Nearly Double InflationRate.” Advocate (September 27, 2004): 12.A.

Mondaq Business Briefing. Governance and Nonprofit Corporations: Requirementsand Expectations in a Post-Sarbanes-Oxley World. May 20, 2004.

———. Nonprofit Governance Reforms: Five Steps Toward Improved Ac-countability, May 25, 2004.

Moskin, Julia. “Thousands Missing in Revenue Records of Culinary Charity.”The New York Times (September 6, 2004): A.1.

Nonprofit Integrity Act (2004), State of California. State Senate Bill 1262, Sep-tember 2004.

Office of the Attorney General, State of California. “Attorney General LockyerUnveils Reforms to Toughen Nonprofit Accountability, Fundraiser Con-trols.” February 12, 2004.

O’Reilly-Allen, Margaret. “How to Have an Audit Without Breaking the Bank.”Nonprofit World 20, no. 4 (July/August 2002): 26(3).

Peregrine, Michael W. and James R. Schwartz. “Taking the Prudent Path: BestPractices for Not-for-Profit Boards.” Trustee 56, no. 10 (November/Decem-ber 2003): 24.

PricewaterhouseCoopers LLP. United Way of the National Capital Area Foren-sic Accounting Investigation, Washington, DC. August 7, 2003.

Revised Model Nonprofit Corporation Act (1987) defines “duty of care” in sec-tion 8:30:

Schein, Edgar. Organizational Culture and Leadership, 2nd ed. San Francisco: Jossey-Bass Publishers, 1992.

Schroeder, Mike. “Is It Time to Rethink Your Board’s Structure?” NonprofitWorld 21, no. 6 (November/December 2003): 9.

Schweitzer, Carole. “The Board Balancing Act: Achieving Board AccountabilityWithout Micromanaging.” Association Management 56, no. 1 (January 2004):34(7).

Schwinn, Elizabeth, and Grant Williams. “IRS Outlines Audit Plans for NonprofitOrganizations.” Chronicle of Philanthropy 16, no. 1 (October 16, 2003): 33.

Silk, Thomas. “Ten Emerging Principles of Governance of Nonprofit Corpora-tions.” The Exempt Organization Tax Review 43, no. 1 (January 2004): 35 (4).

Silverman, Rachel Emma. “Charities to Start to Grade Themselves.” The WallStreet Journal (August 18, 2004).

bibliography 227


Snyder, Gary. “Boards Must Change the Way They Do Business.” NonprofitWorld 21, no. 4 (July/August 2003): 14.

Strom, Stephanie. “Questions About Some Charities’ Activities Lead to a Push forTighter Regulation.” The New York Times (March 21, 2004): 1.23.

———. “Public Confidence in Charities Stays Flat.” The New York Times (Sep-tember 13, 2004): A.17.

Tyler, J., Larry Biggs, and L. Errol. “Conflict of Interest: Strategies for Remain-ing ‘Purer Than Caesar’s Wife’.” Trustee 57, no. 3 (March 2004): 22(5).

United States Senate Finance Committee. Staff Discussion Paper released inconjunction with June 2004 hearings on “Charity Oversight and Reform:Keeping Bad Things from Happening to Good Charities.” Washington, DC,June 2004.

Van Derbeken, Jaxon. “Free Clinics’ Ex-Exec Accused Of Fraud.” San FranciscoChronicle (June 25, 2004).

Vishneski III, John S. “New Liabilities Created by Sarbanes-Oxley: Are Your Di-rectors, Officers Covered?” National Underwriter 107, no. 48 (December 1,2003): 36.

Wallack, Todd. “Nonprofit Advisory Group in Crisis, Management CenterHelped Local Agencies.” San Francisco Chronicle (January 22, 2004).

———. “Charity Settles in Pipevine Fiasco.” San Francisco Chronicle (February 19,2004).

———. “SF Nonprofit to Shut Down.” San Francisco Chronicle (May 19, 2004).

———. “Nonprofits Fight Tougher Disclosure Rules.” San Francisco Chronicle(June 24, 2004).

Walters, Brent R. “Nonprofits Are Corporations Too: Now It’s time for Iowato Treat Them That Way.” Journal of Corporation Law 28, no. 1 (Fall 2002):79, (25).

Weidenfeld, Edward L. “Sarbanes-Oxley and Fiduciary Best Practices for Officersand Directors of Nonprofit Organizations.” Tax Management Estates, Gifts andTrusts Journal 29, no. 2 (March 11, 2004): 104 (4).

Wolverton, Brad. “What Went Wrong? Board Actions at Issue At Troubled D.C.United Way.” Chronicle of Philanthropy 15, no. 22 (September 4, 2003): 27(4).

228 appendix l bibliography


229

Index

Accounting system, 70Accounts payable, 44Accounts receivable, 43–44Accrual basis of accounting, 41–42Activity ratios, 55Adelphia Communications, 6Age of facility ratio, 62–63American Red Cross, 12Analyst conflicts of interest (Title V),

9, 11Anti-discrimination legislation, 131Arthur Andersen LLP, 6, 28, 33, 125Assets, 43–45Audit, 129

defined, 30Audit committee, 33, 93, 129

creation of, 35–36procedures and protocols, 195–196role of, 36–38and small nonprofits, 159–160SOX requirements for, 34–35

Auditor, 141restriction of services, 33–34

Auditor independence (Title II), 8, 11,28–29

Auditor’s opinion, 30–32adverse, 31disclaimer of opinion, 31–32qualified, 31unqualified, 30unqualified with explanatory language,

30–31

Average collection period ratio, 57Average payment period, 59

Balance sheet, 40, 42–46assets, 43–44liabilities, 44net assets, 45–46sample, 167–174

Behavioral norms, 106Behavior and its consequences,

104–105Beliefs, 106–107Below the line items, 48–49Best practices (SOX), 127

checklists, worksheets and sampledocuments, 165–223

and the board, 85–102governance, 86–89, 98–102

and creating competitive advantage,137–154

and organizational culture, 103–121for small nonprofits, 155–163

Black Tuesday, 4Board, nonprofit, 22

composition of, 23culture, 112–121

strategies for change, 120–121transforming, 119–120

duties, 22–23dysfunctional, 112, 114–119governance profile and performance

expectations, 203–205

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 229

Board, nonprofit (cont.)guided by ethical and operational

principles, 100incorporating SOX best practices in

activities and administration,96–97

leadership and role clarity, 99members, potential, 142–143membership and deliberations,

90–95traditional standards of behavior,

91–93upgraded standards based on SOX

best practices, 93orientation, 97–98, 207–209overall management responsibility,

100–101oversight and governance, 89,

98–102policies and procedures, in small

nonprofit, 161recruitment and retention, 93relationship with auditor, 32–33responsibility regarding financial

statements, 32–38and staff interaction, 100

Board binder, 207–209contents, 208–209

Bonds payable, 44Bush, George W., 7Business continuity plan (BCP),

149–154, 219–223defined, 150–151designing, 151–154sources of business interruptions,

149–150

California “Nonprofit Integrity Act”(SB1262), 24–25, 87–88, 108

and fundraising activities of board,101–102

Capital structure ratios, 55Cash basis of accounting, 41–42Cash equivalents, 43

Ceremonies, 106Chief Executive Officer (CEO), and

interaction with board, 100Circuit breakers, 5Client files, 132Code of ethics for board and senior

management, 94, 201–202sample, 202for small nonprofit, 161

Commission resources and authority(Title VI), 9, 11

Common-size analysis, 54Competitive environment, 124Confidential reporting system, 77–78

ombudsman, 77–78third-party reporting systems, 78

Conflict of interest policy, 94–95,197–199

for small nonprofit, 160–161Control activities, 71Coolidge, Calvin, 3Corporate and criminal fraud

accountability (Title VIII), 9, 12Corporate fraud and accountability

(Title XI), 10, 12Corporate responsibility (Title III), 8, 11,

28–29Corporate tax returns (Title X), 10, 12Current assets, 43Current investment, 44Current liabilities, 44Current ratio, 56

Days cash on hand, 58Debt service coverage ratio, 65Decision-making models, 98–99Depreciation, 48Development, 129–130Document preservation (Title VIII), 9,

12, 79–84, 86, 95Document retention, archiving, and

retrieval, 79–84, 129–130, 131,158–159, 191–194

and small nonprofits, 158–159

230 index

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 230

Donors, 130, 141–142Dysfunctional boards, 112

factors that contribute to dysfunction,118–119

sources of dysfunction, 114–116symptoms of dysfunction, 116–118

Economic history, U.S., 3–7Great Depression, 3–4Securities Act of 1933, 4Securities Exchange Act of 1934, 5twenty-first century corporate and

accounting scandals, 5–7Adelphia Communications, 6Arthur Andersen LLP, 6Enron Corporation, 6Global Crossing, 6Tyco, 6WorldCom, Inc., 6Xerox, 6

EDGAR. See Electronic Data Gathering,Analysis, and Retrieval system

Electronic Data Gathering, Analysis, andRetrieval (EDGAR) system, 5

Enron Corporation, 1, 2, 6, 28, 125Environment, 107Ernst & Young, 33Everson, Mark W., 13, 109Executive director (ED)

compensation package, 23and interaction with board, 100relationship with auditor, 27–28, 33and responsibility for internal control

system, 69Exempt Organization Hotline, 2, 24, 87Expenses, 48

Fairness, of financial statements, 32–33Family and Medical Leave Act, 131Financial Accounting Standards Board

(FASB), 29FASB standard 116, 30FASB standard 117, 29–30lobbying activities, 73, 74

salaries for managers and staff, 73certification by upper management, 73

Financial disclosures (Title IV), 8–9, 11Financial literacy, 94

training, for small nonprofits, 160Financial operations, 128–129Financial ratios, 55–65

asset management ratios, 55, 61–63age of facility ratio, 62fixed assets ratio, 62total asset turnover ratio, 61–62

debt management ratios, 55, 63–65debt service coverage ratio, 65long-term debt to net assets, 63–64times interest earned, 64

liquidity ratios, 55, 56–59average collection period ratio, 57average payment period, 59current ratio, 56days cash on hand, 58quick ratio, 57

profitability ratios, 55, 59–61operating margin, 60return on total assets, 60–61

Financial statements, 29–30analyzing, 52–65

common-size analysis, 54financial ratios, 55–65trend analysis, 53–54

basic statements, 40board’s responsibility regarding, 32–38reading and interpreting, 39–65

Financing activities, 51, 52Fixed assets ratio, 62Form 990, Return of Organization

Exempt From Income Tax,19–21, 40, 41, 67–74, 127,140–141

advantages of good internal controlsystems, 69–72

board’s role in improving, 72–74fundraising, 72–73lobbying activities, 73–74salaries for managers and staff, 73

index 231

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 231

board’s role in improving (cont.)certification by upper management,

71–72importance of, 68–69

Form 990-EZ, 40, 41, 67–68Fund balance, 45Funding sources, 141–142Fundraising, 72–73, 129–130

California Nonprofit Integrity Actand, 101–102

Gains, 47Generally accepted accounting

principles (GAAP), 29Global Crossing, 6Goals, 107Grassroots organizations, 124, 125Great Depression, 3–4GuideStar, 40, 68, 127, 140

Haight-Ashbury Free Clinic, 88, 91Harding, Warren, 3Hoover, Herbert, 3Human resources, 131–132

Income statement, 46Insurance, 95Insurance professional, 141Internal control system, 69–72

accounting system, 70code of ethics, 69control activities, 71monitoring activities, 71review of, 126–135, 211–212

Internal Revenue Codesection 501(c)(3), 29, 40, 67, 68

Internal Revenue Service (IRS), 140

Intervention strategies, 107–108Investing activities, 51, 52

Labor payable, 44Language, 106

Legislative environment fornonprofits, 13–25, 86–89

California’s “Nonprofit IntegrityAct,” 24–25

U.S. Senate Finance Committeehearings on nonprofitaccountability, June 2004, 13–24

Liabilities, 44Loan policies, 125Lobbying activities, 74Long-term debt to net assets, 63–64

Mission-driven organizations, 124Monitoring activities, 71Mortgages payable, 44

NASDAQ, 35National Center for Charitable Statistics,

40, 68Net assets, 45–46

permanently restricted, 45temporarily restricted, 45unrestricted, 45

Newcomers, 104New York Stock Exchange (NYSE), 4Non-current assets, 44Non-current liabilities, 44Nonprofit organizations

legislative environment and, 13–25and relevance of Sarbanes-Oxley Act,

12–13Notes payable, 44

Ombudsman, 77–78Operating activities, 51, 52Operating margin, 60Organizational culture, 103–121

as barrier to SOX best practices,108–110

defined, 104interpretation of, 105–108introducing change, 110–112

modeling new behavior: SOX bestpractices, 111–112

232 index

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 232

modifying current culture, 110–111time required for change, 112

Orientation, 97–98, 207–209Oxley, Michael, 2

Philanthropic Research, Inc., 140Pipevine, 88Platinum operating standards, 123–135

characteristics of, 125–126conducting review of internal controls,

126–135incorporating SOX best practices,

126–128Policies and protocols, 107Price Waterhouse, 33Privacy issues, 130, 132Problem solving, 107Pro bono assistance, 162–163Profit and loss (P & L) statement, 46Programs and operations, 132Public Company Accounting Oversight

Board (PCAOB) (Title I), 7, 8,10–11

Public Company Accounting Reformand Investor Protection Act, 1, 7.See also Sarbanes-Oxley Act

Public trust and scrutiny, 89

Quick ratio, 57

Regulatory practices knowledge, 95Return on total assets, 60–61Revenues, 47Risk management plan, 213–218

sample, 217–218worksheets, 213–217

Risk management program, 144–149designing program, 148developing plan, 148–149risk administration and monitoring,

147–148risk assessment, 145–146risk management implementation,

146–147

Roosevelt, Franklin D., 4Rules of the game, 106

Salaries for key managers and staffmembers, 73

Sarbanes, Paul, 2Sarbanes-Oxley Act (SOX), 1–26

best practices resulting fromcompliance, 3, 138–154

current legislative environment fornonprofits, 13–25

economic history and, 3–6importance of, 7list of titles and sections of Act,

7–12provisions of, 2relevance to nonprofits, 12–13

Schein, Edgar, 104SEC. See Securities and Exchange

CommissionSecurities Act of 1933, 4, 29Securities and Exchange Commission

(SEC), 5EDGAR, 5

Securities Exchange Act of 1934, 5, 29Small nonprofits, 155–163

adopting SOX best practices, 157customizing SOX best practices

successfully, 162–163myths that impede, 155–157scaling SOX best practices to suit

needs, 157–161Smith, Adam, 124Social marketing, 111SOX. See Sarbanes-Oxley ActStaff members, 143Statement of cash flows, 40, 50–52

financing activities, 51, 52investing activities, 51, 52operating activities, 51, 52sample, 184–187

Statement of changes in net assets, 40,49–50

sample, 181–184

index 233

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 233

Statement of operations, 40, 46–49below the line items, 48–49expenses, 48revenues, gains, and other support,

47sample, 175–180

Stock market crash of 1929, 4Strategic planning, 107Studies and reports (Title VII), 9, 11Suer, Oral, 113Support, 47

Term limits, 203–204Third-party reporting systems, 78Time line, establishing, 135Times interest earned, 64Total asset turnover ratio, 61–62Traditions, 106Transparency, 21Trend analysis, 53–54Truth in securities act, 4Tyco, 6

U.S. Senate Finance Committeehearings on nonprofit accountability,

2, 13–24, 108

proposals, 2staff paper, 86–87

United Way, 12United Way of the National Capital Area,

112–113, 125, 138lessons learned from scandal, 113–114

United Way of the San Francisco/BayArea, 88, 91

Values, 106–107Vendor contracts, 130Volunteers, 143

Web site, 143Whistleblower protection (Title VII), 9,

12, 76–77, 86, 95, 132sample policy, 189and small nonprofits, 157–158

White collar crime penalty (Title IX),10, 12

Workers Compensation claims andlegislation, 131

WorldCom, Inc., 6, 125

Xerox, 6

234 index

ch24_idx_4386.qxd 2/10/05 10:24 AM Page 234