“Individuals who have questions about the tax treatment of BP claims payments or who are experiencing filing or payment hardships because of the oil spill will be able to work directly with IRS personnel at any of these locations on Saturday.”

For more information, see this IRS link.

UPMIFA was developed to improve the protection of donor intent with respect to expenditures from endowments and applies to charities organized as charitable trusts or as nonprofit corporations and trusts managed by charities. The Act does not apply to funds managed by trustees that are not charities or trusts managed by corporate or individual trustees. UPMIFA provides guidance and authority to charitable organizations concerning the management and investment of funds held by those organizations and imposes additional duties on those who manage and invest charitable funds to provide additional protection for charities and also protect the interests of donors who want to see their contributions used wisely. The Act updates the rules governing expenditures from endowment funds, whether donor restricted or board designated, to provide stricter guidelines on spending endowment funds and to give institutions the ability to cope more easily with fluctuations in the value of the endowment.

In addition to identifying factors that a charity must consider in making management and investment decisions, UPMIFA requires a charity and those who manage and invest its funds to 1) give primary consideration to donor intent as expressed in a gift instrument, 2) act in good faith, with the care an ordinarily prudent person would exercise, 3) incur only reasonable costs in investing and managing charitable funds, 4) make a reasonable effort to verify relevant facts, 5) make decisions about each asset in the context of the portfolio of investments, as part of an overall investment strategy, 6) diversify investments unless due to special circumstances, the purposes of the fund are better served without diversification, 7) dispose of unsuitable assets, and 8) in general, develop an investment strategy appropriate for the fund and the charity.

Has your organization adopted an investment policy that complies with your state’s version of UPMIFA? Review your state’s requirements and make sure your policies conform to the prudent management of funds.

For additional information see http://www.upmifa.org.

For the State of Texas version of UPMIFA see http://www.statutes.legis.state.tx.us/SOTWDocs/PR/htm/PR.163.htm

It can be a daunting task to get individuals to engage in making changes to the processes and controls already in place at their organization but when they are educated on how important the controls really are they may be more willing to with stain from their resistance to change.

The 2008 report to the Nation on Occupational Fraud and Abuse estimated that US organizations lose 7% of their annual revenues to fraud which translates to approximately $994 billion in fraud losses. Losses were noted to be significantly lower in the cases where the organization had implemented controls. Small businesses were noted to be especially vulnerable to occupational fraud. The median loss suffered by organizations with fewer than 100 employees was $200,000 which is higher than the median loss in any other category, including the largest organizations. Lack of adequate internal controls was most commonly cited as the factor that allowed fraud to occur.  To read more on this report go to http://www.acfe.com/resources/publications.asp?copy=rttn

One of the key parts of the ‘self-test’ reads as follows: “Internal control is a process designed to…achieve effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations.” What organization doesn’t want to process transactions more efficiently, have accurate financial statements to their stakeholders or ensure they are in compliance with applicable laws and regulations? Properly designed internal controls can lead an organization in the right direction.

I have found the following to be a handful of a few good controls (this is not intended to be a list of the minimum controls an organization should have; simply it is a few of the controls that I think are very important):

1. Do not underestimate the power of “Tone at the Top” – if management skirts issues under the table their subordinates will assume they can do the same. This includes maintaining an oversight body (Board of Directors, etc) that has intimate knowledge of how the company operates and understands how to read and process financial information
2. Implement “Big Brother” approaches – people are less likely to stray from doing the right thing if they know someone is out there watching over their actions

Another step I highly recommend is to gain an in depth understanding of your company’s processes and procedures and see where the weaknesses are; then develop internal controls to address the identified risks.

To take the brief test to determine your level of understanding of internal controls go here:  http://www.journalofaccountancy.com/Issues/2010/Mar/20092240.htm

In January 2010, Carl Ho, CPA posted an article on Blue Avocado (http://www.blueavocado.org) titled “Five Internal Controls for the Very Small Nonprofit” that gives some insight as to what the most important controls are for small organizations. The most important controls relate to checks and balances. Establishing a “tone at the top” so that policies are in place and all employees including management follow them. Other importants considerations include clearly defined responsibilities, locking up checks, using protected passwords on computers, having two people count cash together, reconciling bank statements timely, review of reconciliations or bank statements by someone other than the bookkeeper or preparer, requiring two signatures on checks, and not allowing the bookkeeper to be a check signer. Even with these procedures in place, fraud can occur if there is collusion or if management circumvents the policies or controls. For the full article visit, http://www.blueavocado.org/content/five-internal-controls-very-small-nonprofit.

Governance plays a significant part in the control environment. Listed below are a few links from the IRS website regarding governance practices for non-profit organizations.

Governance and Tax-Exempt Organizations – Examination Materials

http://www.irs.gov/charities/article/0,,id=216068,00.html

http://www.irs.gov/pub/irs-tege/governance_check_sheet.pdf

Governance of Charitable Organizations and Related Topics

http://www.irs.gov/charities/article/0,,id=178221,00.html

To begin the audit, the accountant (or equivalent) will present the auditor with a listing of all accounts and the related balances that are used to compile the financial statements. Basically, the accountant is saying this is what I believe to be the balances of these accounts. Then the auditor goes through various steps, such as confirming information with third parties, reviewing invoices, contracts, receipts, bank statements, and analytical procedures to prove that the balances are not “materially misstated” and that the statements conform to generally accepted accounting principles.

An audit does not look at every transaction that occurred during the year. Normally this would be cost prohibitive. So the auditor will look at various accounts and take a sample of transactions from those accounts. Because we “test” the account balances and not review 100%, our report is not saying that the financial statements are necessarily 100% accurate, but our report tells the users of the financial statements that we believe there is not a material misstatement that would cause you to alter a decision.

For example, your organization may report to us that they have a balance of accounts receivable of $2 million. Through various means of testing this balance, we have reviewed $1.9 million of this balance and believe it to be accurate. But we have not audited the remaining $100,000. We believe that the users of the financial statements would make the same decision if the actual balance were $2 million or $1.9 million. When errors are found during the audit, the auditors will discuss the issues with management and propose adjustments to the financial statements.

Understanding what an audit of financial statements entails helps management, Board of Directors and others to know what they are paying for and that the statements fairly represent the financial status of the organization. If the accountant uses the same generally accepted accounting principles to compile the monthly financial statements, this will help management and the Board of Directors make consistent, well-informed decisions.

Participants will learn:

• The importance of sound budgeting
• The basic principles of budgeting
• How the budget is used as a planning and management tool
• Steps in the budgeting process
• How to develop various types of budgets, including programs and special events

Speaker: Christi Stinson, Executive Director, Funding Information Center
Fee: $20 for FIC members; $40 for nonmembers

Date: Tuesday February 16th, 2010

Time:  9:00 a.m. to 11:00 a.m.

Location: Funding Information Center
329 S. Henderson, Fort Worth, TX 76104
817-334-0228
To register, follow this link.

1. Determine if employee deferrals comply with current regulations (See limitations at: http://www.irs.gov/retirement/sponsor/article/0,,id=151925,00.html)
2. Determine if employee deferrals comply with the Plan’s maximum percentage requirements, if applicable (controls should be in place to ensure that employees are not allowed to elect to contribute more than the Plan’s elected maximum percentage as indicated in the Plan Document)
3. Controls should be in place to ensure that contributions are submitted to the Plan in a timely basis (Determine the who and the when to make sure it happens as required by law). Key – Timing should not be in excess of the number of days it takes an employer to transmit payroll taxes
4. Knowledgeable personnel should review and approve all loans and distributions made from the Plan . This knowledgeable person has read and fully understands the Plan document and requirements contained therein.
5. For loan approval – Understand the plan requirements for the following: loan amount complies; interest rate in loan agreement complies; condition for loan.
6. For distributions – Understand the following:  distribution complies with plan provisions and ensure all necessary documentation is retained (specifically for hardship distributions); distribution request includes the appropriate amount and the accurate amount of withheld taxes (10% and possibly an additional 20% if early distribution); ensure the appropriate vested percentage is utilized for employer contributions; determine if distributions required by law (required minimum distributions, etc) were completed during the year.

I hope the information is helpful in establishing a sound control environment for your organization’s employee benefit plan.  If there are areas that I have missed feel free to leave a comment to help out the other readers.  The controls that I have listed are coming from an auditor’s point of view and you may have insights related to your field of expertise that could be beneficial to others!

So what is an audit of financial statements? Usually on a monthly basis, the controller, CFO, or accountant at your organization prepares financial statements, usually consisting of a balance sheet and income statement. These statements are used by staff, management and the Board of Directors to make decisions about the organization. But all of the information is gathered by and reported by people INTERNAL to the organization. A financial statement audit involves someone EXTERNAL to the organization, an independent certified public accountant.

Audits of financial statements are done according to a set of standards that all CPA’s must adhere to, which are referred to as Generally Accepted Auditing Standards (GAAS). These standards have been developed by the American Institute of Certified Public Accountants and are monitored and revised based on financial circumstances, including failures related to fraud.

So how do we perform an audit? See my post, next month.

1. Ensure all user control considerations included in the third party administrator’s (record-keeper, trustee, custodian, etc) Type II SAS 70 are in place at the Plan Sponsor
2. Analyze compliance testing results provided by the third party administrator and if the Plan failed any tests ensure that corrective action is taken in a timely manner (distributions or additional contributions to the Plan as necessary)
3. Determine if established internal controls are designed appropriately to catch errors or fraud that may occur during the processing of transactions related to the Plan. Consider conducting a brainstorming session with individuals involved in the Plan in determining what could go wrong and then determine if controls currently in place are adequate to address such risks.
4. If the census is prepared by the Plan Sponsor ensure that the total wages included in the census reconciles with the organizations payroll records (remember census must include all employees that received a paycheck during the year whether employed by the organization or not during the year); the census should also be reconciled with the record-keeper statements (employee contributions, employer contributions and loan repayments). Key point – A reconciled census that agrees with the Plan Sponsors audited financial statements and the record-keeper statements will save time and money during a benefit plan audit
5. Controls should be in place to ensure all information included on the participant statements (social security #, name, compensation, date of birth, date of hire and date of termination) is complete and accurate.  Inaccurate information could lead to:

• Allowing individuals to enter the plan when they were not eligible to do so or not allowing an employee into the plan that is in fact eligible.
• Inaccurate amounts being withheld for employee contributions and/or employer matching contributions.
• Inaccurate amounts being withheld or forfeited when an employee receives a distribution (early distribution tax penalties or issues related to utilizing the appropriate vesting percentage for employer contributions)

     6. Determine if the annual Form 5500 reconciles to the Plan’s financial statement’s

 Interested in refining your internal controls for benefit plan recordkeeping. More will come in a later blog post…

10. Begin working on your schedules weeks before the audit occurs, you might have questions and your auditor is just a phone call or email away.
9. Keep track of issues you struggled with during the year. It will help the auditor key in on important areas at the beginning of the audit.
8. Get the confirmations back to the auditors quickly! The more time there is to send these out the better chance the auditor receives the accurate information. Not getting them back causes more work for all parties involved.
7. Communicate your schedule to the auditors. This helps the auditor work around your normal responsibilities.
6. Make all your adjustments to your trial balance before you provide it to the auditor.
5. Those schedules we talked about earlier make sure they tie to that final trial balance.
4. Make needed documentation easy to access and provide it to the auditors as soon as possible.
3. Be available! Here’s a tip, set aside time on your calendar devoted to auditor questions and audit prepwork.
2. Implement good segregation of duties among your staff. The more checks & balances you have the less likely you are to have errors or issues.
1. Don’t do anything fraudulent or misleading during the year. (Always a plus). Tell the truth.

The key to success is communication and preparedness. If you apply these steps you should see a reduction in the amount of friction an audit can cause.