Effective July 1, 2011, the IRS has changed the optional standard mileage rate to 55.5 cents per mile. According to the IRS, this optional rate can be used to compute the deductible transportation costs paid or incurred for business purposes. Many non-profit organizations use this rate as a guide to reimburse employees who use their personal vehicle to conduct the organization’s business. Although 55.5 cents doesn’t sound like much, it is something that can add up quickly. Unfortunately, in tougher economic times, this could be a way that staff increase their paychecks if they think no one is watching.

Whether you use the IRS rate as your reimbursable amount or some other rate, here are some suggestions to manage these reimbursements:

1. Review the policies at least annually.
2. Ask staff how they interpret these policies, and address any ambiguities.
3. Usually organizations only reimburse employees for mileage in excess of the miles that would be driven to the place of employment. For example, a case worker drives directly to a client’s house, which is 10 miles from the employee’s house. Your office is 6 miles from the employee’s house. Typically, you would only reimburse the employee for 4 miles of travel.
4. As part of the hiring process, inform new staff of the organization’s policies and give examples of what is allowed and what is not.
5. Periodically review these policies at staff meetings.
6. Employees should keep a written log of the mileage, which should include at a minimum for each trip:  Date of travel, destination, purpose of trip, and miles driven.  If you receive federal or state grants, the granting agency may require you to keep more detailed records, such as odometer readings, address of the destination, or attach maps showing mileage.
7. Prior to reimbursement, the mileage logs should be approved by the employees’ supervisors who are knowledgeable of their activities. The logs should also be periodically reviewed for inconsistencies, errors, redundant trips, and abuse.

     Does your organization receive federal grants? If so, did you know that you are required to establish and maintain internal controls to ensure that you are following the provisions of the grant? Most of the time organizations are concerned with having proper internal controls over their routine accounting related functions, but having internal controls over compliance requirements of federal grants can be just as important.

     What are you required to do? According to OMB Circular A-133 (which governs the administration of federal awards), organizations are required to:
“Maintain internal control over Federal programs that provides reasonable assurance that the auditee is managing Federal awards in compliance with laws, regulations, and the provisions of contracts or grant agreements that could have a material effect on each of its Federal programs.”
       To ensure that you have the proper controls in place, it is a good idea to perform an assessment of each of the compliance requirements that affect your federal grants. Here are a few questions you can ask yourself and others involved with the administration of the grant:
     “How do we know that case managers who are carrying out the program are fully informed of the provisions of the grant?”
     “What process do we have that would prevent an unallowable cost from being charged to the grant?
     “How do we know that participants in the program are eligible to receive services? Does anyone verify eligibility after the initial assessment?”
     “How do we make certain that we have paid for allowable costs before we request reimbursement from the grantor?”
     “How do we communicate changes involving the grant to those personnel who need to know?”
     “Do we routinely check the “Excluded Parties Listing System” to ensure that we are not doing business with any vendors that have been suspended or debarred?”
     “What process do we have in place to make sure that all reports were filed accurately and timely?”

     After doing this assessment, you may find that your internal controls need to be strengthened. If you need assistance with this, please give us a call.

Does your organization struggle in determining “what” policies would mitigate loss when cash collections are decentralized? This post is a continuation of my previous post on internal controls at remote locations. If you just can’t get enough piece of mind (and who doesn’t love that), you might find these other “processes” useful.  And now, the continued list of suggestions:

• Determine staffing during collection times. For receipts over a certain dollar amount, always have at least two employees present (counting/depositing) to help lower this heightened risk factor.
• If receipts are provided to the donor or client: consider using a triplicate form. One copy to the donor/client, one that is included in the deposit report sent to the accounting office , and one to be retained in numerical sequence for accountability over the forms used.
• Maintain a cash receipts log when using numbered receipt forms. The log should include receipt number, date received, name of payor, amount of payment, form of receipt (cash, check, money order, etc.), check number and date (if applicable), and purpose of payment (if known or applicable).
• Posting signs at collection areas informing payors that they should get a receipt showing their transaction.
• When transporting cash receipts from the remote location back to the central office or bank, utilize a courier service if possible or appropriate. Minimally, keep receipts in a locked security bag with a trustworthy employee not involved in the recording or reconciliation process transporting the bag. If there is a large amount of receipts being transported, have two employees be involved for additional safety. Read the rest of this entry »

If your organization utilizes remote locations collecting cash receipts, such as community centers or branches, you probably already know that this is an easy area for things to go wrong. You have likely considered designing and implementing, or have already implemented controls over your cash receipt procedures. These controls can include things such as developing written policies and procedures, implementing adequate separation of duties, ensuring timely deposits, and establishing reconciliation procedures that include accountability and management review. 

One of the most important controls you can implement Read the rest of this entry »

Think again. Every two years the Association of Certified Fraud examiners publishes its Report to the Nations on Occupational Fraud and Abuse. It’s amazing to me to see how consistent the results are from period to period and across industries. The report also reminds me how dangerous and costly blind trust can be to organizations. Many of our nonprofit clients tell us that fraud is just not a significant risk for their organization because their employees are commited the cause.  And who could be more trustworthy than someone willing to serve an important cause?

If that’s really true, then why are are nonprofit organizations involved in almost 10 percent of all fraud cases reported in the study?

We often let our desire to trust other people cloud our judgment. Especially people we hired personally and have spent years building relationships with Monday through Friday. Deep down, we all believe we’re exceptional judges of character.

And that’s when it happens. 

If the most important fraud control in place in your organization is the ability to judge character in the people you hire, you may already be a victim.

If you’re concerned that you may be the victim of a fraud, or want more information on preventing fraud, we can help.

I recently completed a ‘self-test’ in the Journal of Accountancy, March 2010 edition, titled “Internal Control:  Test Your Knowledge” and it reminded me of several questions that I have received from my clients. Many individuals within organizations believe that internal controls are only really necessary for large companies. This is a fallacy. Internal controls are VERY important for all types of organizations. Even if a company is very small, with only a few people working in the accounting department, processes can be developed to ensure that a sound control environment is consistently maintained.

It can be a daunting task to get individuals to engage in making changes to the processes and controls already in place at their organization but when they are educated on how important the controls really are they may be more willing to with stain from their resistance to change. Read the rest of this entry »

Listed below are some additional controls that I believe are necessary for a sound control environment in an employee benefit plan (again this list is not intended to be all inclusive as the facts and circumstances of employee benefit plans vary):

1. Determine if employee deferrals comply with current regulations (See limitations at: http://www.irs.gov/retirement/sponsor/article/0,,id=151925,00.html)
2. Determine if employee deferrals comply with the Plan’s maximum percentage requirements, if applicable (controls should be in place to ensure that employees are not allowed to elect to contribute more than the Plan’s elected maximum percentage as indicated in the Plan Document)
3. Controls should be in place to ensure that contributions are submitted to the Plan in a timely basis (Determine the who and the when to make sure it happens as required by law). Key – Timing should not be in excess of the number of days it takes an employer to transmit payroll taxes
4. Knowledgeable personnel should review and approve all loans and distributions made from the Plan . This knowledgeable person has read and fully understands the Plan document and requirements contained therein.
5. For loan approval – Understand the plan requirements for the following: loan amount complies; interest rate in loan agreement complies; condition for loan.
6. For distributions – Understand the following:  distribution complies with plan provisions and ensure all necessary documentation is retained (specifically for hardship distributions); distribution request includes the appropriate amount and the accurate amount of withheld taxes (10% and possibly an additional 20% if early distribution); ensure the appropriate vested percentage is utilized for employer contributions; determine if distributions required by law (required minimum distributions, etc) were completed during the year.

I hope the information is helpful in establishing a sound control environment for your organization’s employee benefit plan.  If there are areas that I have missed feel free to leave a comment to help out the other readers.  The controls that I have listed are coming from an auditor’s point of view and you may have insights related to your field of expertise that could be beneficial to others!

To ensure a Plan Sponsor is fulfilling their fiduciary obligations related to the oversight of an employee benefit plan I have listed some of the internal control matters that should be addressed (please note this is not an all inclusive list as facts and circumstances of each Plan vary):

1. Ensure all user control considerations included in the third party administrator’s (record-keeper, trustee, custodian, etc) Type II SAS 70 are in place at the Plan Sponsor
2. Analyze compliance testing results provided by the third party administrator and if the Plan failed any tests ensure that corrective action is taken in a timely manner (distributions or additional contributions to the Plan as necessary)
3. Determine if established internal controls are designed appropriately to catch errors or fraud that may occur during the processing of transactions related to the Plan. Consider conducting a brainstorming session with individuals involved in the Plan in determining what could go wrong and then determine if controls currently in place are adequate to address such risks.
4. If the census is prepared by the Plan Sponsor ensure that the total wages included in the census reconciles with the organizations payroll records (remember census must include all employees that received a paycheck during the year whether employed by the organization or not during the year); the census should also be reconciled with the record-keeper statements (employee contributions, employer contributions and loan repayments). Key point – A reconciled census that agrees with the Plan Sponsors audited financial statements and the record-keeper statements will save time and money during a benefit plan audit
5. Controls should be in place to ensure all information included on the participant statements (social security #, name, compensation, date of birth, date of hire and date of termination) is complete and accurate.  Inaccurate information could lead to:

• Allowing individuals to enter the plan when they were not eligible to do so or not allowing an employee into the plan that is in fact eligible.
• Inaccurate amounts being withheld for employee contributions and/or employer matching contributions.
• Inaccurate amounts being withheld or forfeited when an employee receives a distribution (early distribution tax penalties or issues related to utilizing the appropriate vesting percentage for employer contributions)

     6. Determine if the annual Form 5500 reconciles to the Plan’s financial statement’s

 Interested in refining your internal controls for benefit plan recordkeeping. More will come in a later blog post…

Whether your annual audit is approaching or this will be your business’ first audit ever, an audit can seem like a daunting event. But there are ways to make this potentially painful event pass with minimal frustration:

10. Begin working on your schedules weeks before the audit occurs, you might have questions and your auditor is just a phone call or email away.
9. Keep track of issues you struggled with during the year. It will help the auditor key in on important areas at the beginning of the audit.
8. Get the confirmations back to the auditors quickly! The more time there is to send these out the better chance the auditor receives the accurate information. Not getting them back causes more work for all parties involved.
7. Communicate your schedule to the auditors. This helps the auditor work around your normal responsibilities.
6. Make all your adjustments to your trial balance before you provide it to the auditor.
5. Those schedules we talked about earlier make sure they tie to that final trial balance.
4. Make needed documentation easy to access and provide it to the auditors as soon as possible.
3. Be available! Here’s a tip, set aside time on your calendar devoted to auditor questions and audit prepwork.
2. Implement good segregation of duties among your staff. The more checks & balances you have the less likely you are to have errors or issues.
1. Don’t do anything fraudulent or misleading during the year. (Always a plus). Tell the truth.

The key to success is communication and preparedness. If you apply these steps you should see a reduction in the amount of friction an audit can cause.

The following excerpt is provided, by permission, from Melanie Herman, Executive Director of the Nonprofit Risk Management Center, Leesburg, VA:

In Jeffrey Rosenthal’s fascinating book “Struck by Lightning: the Curious World of Probabilities, Rosenthal explores the science of probabilities. He compells his readers to remember that risk management is accompanied by “randomness”. Many aspects of our lives are governed by events not completely within our control and uncertainty is here to stay. Nonprofit leaders have two options regarding uncertainty: #1 – Let uncertainty get the better of us and our tax-exempt organizations or #2 – Learn to understand and perhaps appreciation randomness and act accordingly.

According to Rosenthal, “by thinking logically about the likelihood of various outcomes, we can better make decisions and understand our lives more deeply.”  So what does thinking logically have to do with governance and managing risk? Read the rest of this entry »