Only some not-for-profit organizations are required to conduct independent annual audits. For example, the federal government and many states mandate an audit if a nonprofit receives more than a specific amount in charitable donations. Some grantmakers and lenders may do so as well.
But even if audits aren’t required, they’re a good idea for all organizations. They can alert you to critical shortcomings, promote transparency and help reassure donors and grantmakers that your nonprofit is taking steps to reduce risk. What’s more, recommendations contained in your audit report can be a treasure trove of information on how to strengthen internal controls.
Stronger segregation of duties
Better segregation of staff duties is a common auditor recommendation, especially in small organizations. Let’s say, for example, that an auditor discovers a nonprofit’s office manager makes bank deposits, reconciles bank statements and mails vendor payment checks. The manager also has check-signing authority for purchases under $500 and posts all cash receipts and disbursements to the general ledger.
Giving one person, no matter how honorable and trustworthy, all of these duties is a recipe for fraud or error. The idea behind segregation of duties is to avoid putting an employee in a position where he or she could both perpetrate and conceal fraudulent acts or make mistakes that could easily go undetected.
In this case, the auditor’s recommendations might include asking the bank to directly mail the monthly statements (with images of the cleared checks) to the executive director or treasurer. The recipient would then open and review the statements before giving them to the office manager. An alternative is to offer those with oversight responsibilities “read-only” access for online banking records.
Better documentation
Sometimes, an audit might show that an organization has adequate internal controls, including various checks and balances. However, documentation of these controls may not be sufficient.
For example, an audit might reveal that an organization isn’t properly documenting its authorization of expenditures. Auditors could recommend, among other measures, that the nonprofit’s managers sign off on monthly bank reconciliations.
Look for ideas
Your executives and board should carefully review your auditors’ findings after an annual audit and correct any deficiencies or weaknesses they identify. But even if the auditors don’t specifically mandate changes, you should pay attention to recommendations and mine the report for policies or procedures that could use improvement. Contact our nonprofit team for help bolstering your internal controls.
© 2025