| |
||
| February 15, 2005 | The
Monthly Newspaper of the NYSSCPA |
Vol.
8, No.3 |
Nonprofit Conference Paves Way
Best Practices Defined
By
Stephanie R. Myers and Jay
Dismukes
Continued from the Home
Page
The attorney, Michael Cooney, partner with the national law firm of Nixon Peabody, LLP, was one of several speakers who provided attendees of the Jan. 26 Nonprofit Conference with a battery of best practices to bear in mind. Sponsored by the Foundation for Accounting Education, the conference laid out critical rules of the road for nonprofit professionals and CPAs who work with them, touching on everything from registered fundraisers to SAS 99 to the significance of proactive boards.
One area that Cooney advised CPAs with nonprofit clients to consider is an organization’s code of ethics. The CPA and the organization should periodically ask themselves whether the provisions in the code are actually being followed. Failing to meet stipulations can draw scrutiny by regulators, Cooney said.
For that matter, so too can excessive compensation for CEOs, CFOs and board members of not-for-profits. In what he said is a “big concern,” Cooney noted that the Internal Revenue Service and attorneys general have taken increased interest in this issue, contacting thousands of charities to find out about their compensation practices. Compensation that is not commensurate with the services being provided can create unwanted media headlines and is considered an “easy case” for an attorney general to tackle.
Good business prudence, according to Cooney, also includes the creation of an audit committee and minutes from its meetings; implementation of conflict-of-interest, gift-acceptance and document-retention policies as well as whistleblower protections; and in New York, specifically, confirmation that professional fundraisers and telemarketers are registered with the state. On this last point, Cooney said the Charities Bureau of the state attorney general’s office is “cracking down hard,” as part of a broader push to curb abuse in the nonprofit sector.
SAS 99
Following Cooney’s presentation, John F. Heveron Jr., of Heveron & Heveron, CPAs, PC, discussed best practices for SAS 99. The AICPA standard, which went into effect in December 2002, calls for auditors to hold brainstorming sessions with the entire engagement team to discuss how fraud might occur in a client’s company, as well as increased scrutiny of documentation, interviews with the client’s employees and other measures to reduce the risk of fraud.
Among the steps that Heveron said CPA firms have found beneficial are giving clients letters about SAS 99 that are to be distributed to their employees, meeting with CFOs and CEOs independently, performing unpredictable tests and requiring information without too much advance notice. Enough staff should be interviewed (anywhere from 10 to 20 people), with an eye for nonverbal reactions and periodic reminders that the discussions will be kept confidential. Firms noted that interviewees generally were more inclined to talk when interviewed by experienced auditors and firm partners, Heveron said.
CPAs may also want to compare vendor addresses with those in the client’s payroll journal, as well as look for fictitious employees, Heveron said.
Internal Controls
Implementing and maintaining internal controls within nonprofit organizations has become a growing concern in recent years as incidents of fraud have led to the increased scrutiny of many nonprofits’ finances.
Hilda Polanco, managing director of Fiscal Management Associates LLC, spoke on the importance of internal controls as a checks-and-balances system for nonprofits, during an afternoon conference session. Polanco pointed out that fraud is more likely to occur in the upper levels of a nonprofit and that, statistically, financial loss caused by managers is four times that caused by employees.
“Why are nonprofits so vulnerable to fraud? Most fiscal departments are understaffed,” Polanco said, acknowledging that there also tends to be a lack of financial knowledge at the higher levels of an organization.
Polanco said that some nonprofits have weak or no internal controls, which can open up the organization for potential fraud problems, especially when authority is delegated from the executive level to a trusted deputy.
“Each time you (as a CPA) meet with an executive, you are a trainer,” Polanco said. “What are the areas we see the greatest weaknesses in? Budgeting and cash flow.”
Polanco also pointed out the importance of nonprofit organizations being able to track their immediate funds, and emphasized that an online banking account that provides the user with a basic balance inquiry function is essential. She said that despite misgivings by some about the security of online bank accounts, such accounts generally are protected.
“It’s a wonderful service knowing that wire transfers are not allowed,” Polanco said.
For businesses, Polanco said, it’s imperative that paying attention to internal controls becomes a constant practice.
“Internal controls is not a once-a-year event,” Polanco said. “Make sure the systems are in place. It’s the way you should run your business.”
Preventing Fraud
Fraud within nonprofit organizations can happen on several levels and in a variety of different forms, stressed conference cochair Allan Blum, partner at Loeb and Troper.
During his session, Blum emphasized the importance of closely guarding one’s personal information, such as credit card numbers, in order to avoid identity theft.
“Identity theft is very, very common, and most people who commit identity theft are not caught,” Blum said.
Blum mentioned the identity theft case at radio station WNYC, where maintenance workers are alleged to have sold donors’ credit card information to an identity theft ring.
“Within credit card usage, we have to be very careful...I still am not comfortable with credit card usage when they are not necessary to be used,” Blum said.
He said that fraud within an organization can be difficult to detect, as it can potentially be committed using a variety of methods, from billing and payroll schemes to check tampering.
One solution to fraud lies with the board of directors of an organization, which Blum said should be independent from management. The board members should “serve where they have knowledge,” Blum said, and the board as a whole should review the executive director’s timesheets and expenses and also supervise executive compensation.
“The board of directors must ‘walk the walk’ and show that the tone is really there,” Blum said. “What is their responsibility? Oversight.”
If fraud is detected
within an organization, Blum noted, the individuals that committed the
fraud must be dealt with appropriately.
“When fraud occurs, we have to stop the bleeding with the employee
that committed the fraud,” Blum said.
While it’s important to examine the fraud and eventually make sure appropriate action is taken against the individual who committed the fraud, it’s equally vital to follow the proper procedures.
“If a fraud does occur, you cannot threaten them with jail time or restitution,” Blum said. “You have to investigate and make sure the fraudster is dealt with in a proper way.”
Legislation
During the conference, several speakers reported that the state attorney general’s office has indicated it does not plan to reintroduce proposed legislation concerning governance and accountability in New York’s nonprofit sector. The bill, which would impose Sarbanes-Oxley–style provisions on not-for-profits, first came to light two years ago during the 2003 Nonprofit Conference, at which Eliot Spitzer spoke, and was introduced again last year. Sources say other proposed legislation from the Charities Bureau may surface sometime this year; however, details are not currently available.
Strong Showing
Nearly 430 people attended the 27th Annual Nonprofit Conference. The NYSSCPA’s Not-for-Profit Organizations Committee, chaired by Allen L. Fetterman, sponsored the conference,which took place at the Crowne Plaza in New York City. Committee members Ian J. Benjamin and Blum cochaired the event.
