We've reflected on the key elements your organization should focus on as we've moved into a post-pandemic world, but there are individual components that will further gauge the overall health of your nonprofit organization and set you up for success. One such element is conducting a regulatory audit. Audits are part of good governance and a best practice for nonprofit organizations. Not only do they assure your organization's compliance, but they also provide transparency and accountability to all stakeholders.
Although they can be time-consuming and costly, audits help ensure compliance with laws and regulations, reduce the risk of fraud or other financial irregularities, and improve your organization's functionality. An audit will help strengthen the organization's financial reporting, assuring donors, funders, and the general public that your organization is fiscally responsible, and will help prepare and inform you for any future opportunities or bottlenecks.
Before we dive in, it's important to clarify that in addition to the varying components of this process, the two overarching types of audits conducted by organizations are external and internal.
External audits are conducted by an independent third party, a governing body such as the Canadian Revenue Agency (CRA), and other stakeholders, for example, as part of a grant agreement or as a loan condition. This type of audit is often used to verify the accuracy of financial statements and other documents and is typically used by stakeholders, such as investors, creditors, and lenders annually.
Alternatively, an organization can conduct an internal audit. Internal audit reports are used by management and can be conducted on a more regular basis, (i.e., more than once a year, or after a major change such as a pandemic) to ensure that their records, processes, and financial statements are closely examined and iterated in planned intervals. In this article, we'll focus on the latter.
An internal audit aims to evaluate internal control, a process effected by a nonprofit's board of directors, management, and other personnel, designed to provide reasonable assurance. Internal auditors are responsible for the audit and are appointed by the organization, usually in the form of a committee, and their findings are integrated by management.
Here are main components of an internal audit:
The internal audit will determine if these five components of management control are present and operating effectively, and if not, the goal is to provide recommendations for improvement. Now that you know the why of internal audits, let's get to the how.
An audit typically requires access to various components of your organization to assist the board in maintaining the organization's financial credibility and integrity, all while maintaining compliance with laws and regulations. As such, it's important that your committee includes members of the board of directors and involves a sub-committee comprised of voting members independent of your organization's management and employees. Roles within the committee can be delegated within the authority of the committee.
It's important to note that when your organization is creating this committee, the auditors will not have direct operational responsibility or authority over any of the activities that are audited. While they assist in determining ideas for improvement, they aren't responsible for implementing internal controls or completing the development of procedures. They are, however, responsible for reviewing the timeline, confirming expectations for the upcoming work, finalizing pertinent dates, and reviewing the materials needed.
Once the audit committee has outlined its goal and raised any existing concerns or issues about a specific financial area they want to ensure is included in the work plan, they will need to put together the documents and information required to complete the audit. This process should include:
This preparation allows the committee to delegate responsibilities to your team, so they can answer the questions and gather the necessary documentation before the audit.
Communication is key for any organization, especially in high-pressure situations like an audit, which can often have a negative connotation. Before the audit, you should brief your employees to ensure they are ready to answer any questions that fall within the scope of their roles and the deliverables within them.
The audit will include interviews with various departments, so communication between management and the audit committee is typical throughout the process. Management should have regular check-ins with the audit committee and communicate any changes in timing or expectations. In return, the audit committee will regularly update management on outstanding items or milestones.
Once the audit has concluded, there is usually a post-audit meeting with the committee to conduct an initial review of the results. At this meeting, several critical topics of discussion will encompass the findings of the audit. An outline of these, as well as accounting principles selected, audit adjustments, management disagreements, and any difficulties encountered while performing the audit, will be organized into a document for a potential action plan.
The audit results should also be communicated to the board members and other important stakeholders, including the general public. A positive nonprofit audit result is something to strive for, as it's indicative that the organization is reputable, trustworthy, and financially stable. While the audit itself is done, thorough preparation for the board meeting requires having a complete understanding of the organization's financials and journal entries to be able to answer potential questions.
The final step is to prepare an action plan for implementation. After reviewing the results with the board and management, the final step is to prepare an action plan, discussing improvements and proposed solutions for implementation.
Like everything else in organizational financial governance, thorough preparation and communication are the cornerstones of a successful internal audit.
Conducting a robust internal audit is an essential aspect of good governance and financial management for nonprofit organizations. With the help of Sparkrock 365's modern cloud-based ERP solution, the audit process can be further streamlined. By leveraging our platform's comprehensive financial reporting and management tools, nonprofits can enhance their internal controls and ensure compliance with laws and regulations.
Sparkrock 365 enables the efficient compilation of financial statements, bank reconciliations, payroll data, and grant details, further simplifying the audit preparation process. Moreover, its centralized database and communication features facilitate seamless collaboration between management, the audit committee, and employees during the audit.
As the audit concludes, Sparkrock 365 equips organizations with valuable insights to develop actionable improvement plans, fostering transparency and accountability to all stakeholders. With thorough preparation and the aid of Sparkrock 365's ERP solution, nonprofit organizations can achieve successful and effective internal audits, paving the way for a reputable, trustworthy, and financially stable future. Check out the rest of our nonprofit resources here, and be sure to contact us before your next audit - we'd love to help!