Internal controls are the financial processes that enable an organization to safeguard its assets and can be difficult for smaller organizations due to limited staff.
Set the Environment
Let everyone know, from the top down, that there are policies in place and everyone has to follow them. In some organizations, the top person makes exceptions for him or herself which sends an inconsistent message and potentially unethical tone. Then, it’s not long before others begin cutting corners and skirting policy. Emphasize the importance of ethics and controls at staff meetings and demonstrate that everyone follows the rules, all the time.
Simply put, lock it up! Put checks in a locked drawer and secure expensive equipment like computers. If there’s cash involved – such as a fundraiser – have two people count the cash together and immediately store it in a secure location. Computer and system passwords are also important to protect sensitive data.
Reconciling the Bank Statement
This is a critical step in preventing embezzlement. Ideally, someone other than the bookkeeper should reconcile the bank account from an unopened statement. If you’re a small nonprofit and have only one staff member who handles everything, then consider having someone else (like a board member) receive the unopened statement and look it over before giving it to your staff person.
Clearly Define Roles
In small organizations, policies and procedures aren’t often written down or documented. Therefore, it’s common for important control procedures to be missed or overlooked because one staff member assumed another person was going to do it. It’s important to clearly define (and document if practical) who’s responsible for checking invoices, reviewing the math, reconciling statements, approving payments to vendors, etc.
Even in the smallest organization, it’s a good idea to have an independent person look things over periodically. If you combine this with good controls and an atmosphere that emphasizes accountability for all, you’ll create a comfortable working environment while protecting your organization’s assets and mission.