Does your organization receive federal grants? If so, did you know that you are required to establish and maintain internal controls to ensure that you are following the provisions of the grant? Most of the time organizations are concerned with having proper internal controls over their routine accounting related functions, but having internal controls over compliance requirements of federal grants can be just as important.

     What are you required to do? According to OMB Circular A-133 (which governs the administration of federal awards), organizations are required to:
“Maintain internal control over Federal programs that provides reasonable assurance that the auditee is managing Federal awards in compliance with laws, regulations, and the provisions of contracts or grant agreements that could have a material effect on each of its Federal programs.”
       To ensure that you have the proper controls in place, it is a good idea to perform an assessment of each of the compliance requirements that affect your federal grants. Here are a few questions you can ask yourself and others involved with the administration of the grant:
     “How do we know that case managers who are carrying out the program are fully informed of the provisions of the grant?”
     “What process do we have that would prevent an unallowable cost from being charged to the grant?
     “How do we know that participants in the program are eligible to receive services? Does anyone verify eligibility after the initial assessment?”
     “How do we make certain that we have paid for allowable costs before we request reimbursement from the grantor?”
     “How do we communicate changes involving the grant to those personnel who need to know?”
     “Do we routinely check the “Excluded Parties Listing System” to ensure that we are not doing business with any vendors that have been suspended or debarred?”
     “What process do we have in place to make sure that all reports were filed accurately and timely?”

     After doing this assessment, you may find that your internal controls need to be strengthened. If you need assistance with this, please give us a call.

Does your organization struggle in determining “what” policies would mitigate loss when cash collections are decentralized? This post is a continuation of my previous post on internal controls at remote locations. If you just can’t get enough piece of mind (and who doesn’t love that), you might find these other “processes” useful.  And now, the continued list of suggestions:

• Determine staffing during collection times. For receipts over a certain dollar amount, always have at least two employees present (counting/depositing) to help lower this heightened risk factor.
• If receipts are provided to the donor or client: consider using a triplicate form. One copy to the donor/client, one that is included in the deposit report sent to the accounting office , and one to be retained in numerical sequence for accountability over the forms used.
• Maintain a cash receipts log when using numbered receipt forms. The log should include receipt number, date received, name of payor, amount of payment, form of receipt (cash, check, money order, etc.), check number and date (if applicable), and purpose of payment (if known or applicable).
• Posting signs at collection areas informing payors that they should get a receipt showing their transaction.
• When transporting cash receipts from the remote location back to the central office or bank, utilize a courier service if possible or appropriate. Minimally, keep receipts in a locked security bag with a trustworthy employee not involved in the recording or reconciliation process transporting the bag. If there is a large amount of receipts being transported, have two employees be involved for additional safety. Read the rest of this entry »

If your organization utilizes remote locations collecting cash receipts, such as community centers or branches, you probably already know that this is an easy area for things to go wrong. You have likely considered designing and implementing, or have already implemented controls over your cash receipt procedures. These controls can include things such as developing written policies and procedures, implementing adequate separation of duties, ensuring timely deposits, and establishing reconciliation procedures that include accountability and management review. 

One of the most important controls you can implement Read the rest of this entry »

When there are only a few staff in an organization, it is very difficult to obtain the appropriate level of segregating duties.

In January 2010, Carl Ho, CPA posted an article on Blue Avocado (http://www.blueavocado.org) titled “Five Internal Controls for the Very Small Nonprofit” that gives some insight as to what the most important controls are for small organizations. The most important controls relate to checks and balances. Establishing a “tone at the top” so that policies are in place and all employees including management follow them. Other importants considerations include clearly defined responsibilities, locking up checks, using protected passwords on computers, having two people count cash together, reconciling bank statements timely, review of reconciliations or bank statements by someone other than the bookkeeper or preparer, requiring two signatures on checks, and not allowing the bookkeeper to be a check signer. Even with these procedures in place, fraud can occur if there is collusion or if management circumvents the policies or controls. For the full article visit, http://www.blueavocado.org/content/five-internal-controls-very-small-nonprofit.

Governance plays a significant part in the control environment. Listed below are a few links from the IRS website regarding governance practices for non-profit organizations.

Governance and Tax-Exempt Organizations – Examination Materials

http://www.irs.gov/charities/article/0,,id=216068,00.html

http://www.irs.gov/pub/irs-tege/governance_check_sheet.pdf

Governance of Charitable Organizations and Related Topics

http://www.irs.gov/charities/article/0,,id=178221,00.html

With limited resources and tightening budgets, establishing effective internal controls can become tricky. Controlling the cash flowing into and out of the organization is supremely important and can generally be done effectively with the personnel and board members that are already in place. The single most important tenet of a control structure, especially in cash disbursements, is to limit opportunity by segregating duties. Think about the person that performs the most duties related to cash disbursements in your organization. What happens if that person receives some added motivation such as an ill family member with medical bills or a spouse losing a job? Could they rationalize the need for additional funds and ultimately cause damage to your organization? As honest as you perceive people in your organization to be, segregation of duties helps keep these people honest. 

The following are a list of helpful controls that limit the ability to perpetrate and conceal theft of cash. Read the rest of this entry »

In today’s world, organizations must consider the strength of their internal controls more than ever.  It is important to periodically review your internal controls to ensure that they are well-designed and operating effectively.  To determine if your system is well designed, take a particular type of transaction and trace it from its origin to its ultimate conclusion, asking yourself, “What could go wrong with this system?”  To evaluate the operating effectiveness, ask the various personnel involved in processing the transaction how they perform the various tasks, and watch them actually do the work.  You will be better able to determine if they are following the appropriate procedures.

When going throught this review, it is important to take the “person” out of the control and ask yourself, “If I had an unknown person performing this taks, would I be concerned?”  Because of the very nature of the types of services that most not-for-profits provide, they tend to hire caring, trustworthy individuals to perform various tasks.  While trust is certainly a needed attribute to have in an employee, it cannot serve as your only internal control.  If you also believe that an employee would never do anything wrong, you may be under a false sense of security.  We usually suggest to our clients that the internal controls be designed in such a way that it eliminates the opportunity for an employee to commit fraud.  This design not only can protect you, but the employee as well.

A key component of a well-designed internal control system is segregation of duties.  Proper segregation also helps to eliminate the opportunity to make errors or commit fraud.  To create proper segregation, the following tasks should be performed by different personnel:

• Authority (approving purchases, writing off bad debt, authorizing salary increases, approving new vendors)
• Custody (ability to write checks, make bank deposits, process cash receipts, manage inventory, make electronic withdrawals from bank and investment accounts )
• Recordkeeping (posting transactions to the general ledger, recording receivables and payables)

Need help in segregating functions or duties. Contact me.

In today’s world, organizations must consider the strength of their internal controls more than ever. It is important to periodically review your internal controls to ensure that they are well-designed and operating effectively. To determine if your system is well designed, take a particular type of transaction and trace it from its origin to its ultimate conclusion, asking yourself, “What could go wrong with this system?” To evaluate the operating effectiveness, ask the various personnel involved in processing the transaction how they perform the various tasks, and watch them actually do the work. You will be better able to determine if they are following the appropriate procedures.

When going through this review, it is important to take the “person” out of the control and ask yourself, “If I had an unknown person performing this task, would I be concerned?” Because of the very nature of the types of services that most not-for-profits provide, they tend to hire caring, trustworthy individuals to perform various tasks. While trust is certainly a needed attribute to have in an employee, it cannot serve as your only internal control. If you also believe that an employee would never do anything wrong, you are under a false sense of security. We usually suggest to our clients that the internal controls be designed in such a way that it eliminates the opportunity for an employee to commit fraud. This design not only can protect you, but the employee as well.

A key component of a well-designed internal control system is segregation of duties. Proper segregation also helps to eliminate the opportunity to make errors or commit fraud.

To create proper segregation, the tasks of:
(1) authority (approving transactions, writing off bad debt),
(2) custody (ability to write checks, make bank deposits, process cash receipts) and
(3) recordkeeping (posting transactions to the general ledger)
should be performed by different personnel or functions.

How do you, the organization, monitor internal controls? Write a comment…