We have finally made it through our busy audit season and are anxiously looking forward to some well-deserved vacation time this summer. Right now we are finishing of the last few Management Letters for our Not-For-Profit clients and it is interesting to reflect back on the common thread of weaknesses, deficiencies or just areas for minor improvement.
Clearly advancing technology is here to stay and every year there are new developments that make our lives easier with the day-to-day procedures in the Finance area of our Not-for-Profit organizations (whether it just be a one person finance function or a burgeoning finance team). However, we are finding that in general when an existing financial procedure is replaced by a more efficient technological application, there tends to always be compromise in control. We find that quite often organizations do not take the extra steps necessary to set up new controls to offset the control breakdown that have resulted.
The following are some very common control weaknesses that we have turned up in our 2015 audit season:
- Approval Process with On-line payments: Many organizations have moved away from paper cheques and are now making most of their supplier payments through their bank’s online payment system (whether it be called Electronic Fund Transfer (EFT) or ACH or something else). Especially when cheque signers are not in house and/or frequently on the road or travelling, this has made everyone’s lives so much easier. For instance, it is so easy to login to your bank from a hotel room and approve the monthly payments rather than driving through traffic to meet the bookkeeper at a local coffee shop and sign cheques! However, we have found that the approval system set up for online payments is sometimes compromised. Sometimes it is the bank’s fault in that the bank representative helping you set-up your online payment system does not understand the control needs of the organization so does not offer the service package that you need. It is very important that the approval system for the online payments mirrors the signatures required for paper cheques. This can be set up by the bank using different levels of authority authorization and payments tokens. In addition, it is very important that the supporting invoices/documents for the payment be scanned to the signing officer and an email approval kept on file. It tends to be a bit of a hurdle to get all of this set-up, however, it is well worth the effort with the greater efficiencies achieved by your organization.
- Use of Credit Cards by Management: Another common trend has been that Management (for instance the Executive Director) has a company credit card to pay many of his/her businesses expenses. Banks have not made it easier for us in that they will automatically debit our bank accounts for the amount of the outstanding credit on the payment due date. The result is that the credit card sometimes does not get reviewed by any of the cheque signers. As we know, credit card bills are usually for thousands of dollars so this is a material control break down. Therefore it is very important that credit card statements with supporting receipts be reviewed by those charged with governance (mirroring the cheque signing requirements) on a monthly basis. Again this can be done by scanning the statements and receipts to the relevant people and the approval can be a return email which is saved either as a hard or soft copy. It is important that we stress that receipts must be kept for proper payments support…..CRA will expect to review the receipts when and if they come to audit! Sometimes an organization will make a policy that receipts for small amounts under $20 is not necessary….this helps to streamline things and is generally acceptable.
- Review of Bank Reconciliations: Using your Accounting Software of choice to perform the bank reconciliation has become a common practice. However, we find that quite often the accounting person will perform the bank reconciliation and not print it out or get it approved by an independent person. This opens up a wide door for misallocating funds which could go unnoticed for months. So, it is very important that the bank reconciliation is printed out and reviewed and approved (by signature) with the bank statement on a monthly basis by a person charged with governance. (For instance the Executive Director or the Treasurer). Again, if it is awkward to have the paper copy reviewed and approved this can be done by scanning and emailing and proper soft copy storage of the email approvals.
- Review of General Journal Entries: Journal entries are an efficient way to reallocate amounts between General Ledger accounts within your accounting software. Quite often these entries can be very large dollar amounts. In the “old days” we would have Journal Entry vouchers which would be reviewed and signed by the appropriate signing officers with related support for the entry and then filed away neatly in a binder. However, with the introduction of more advanced Accounting Software this approval process has tended to have gone out the window and large General Journal Entries are frequently made without support. So, once again, this opens a huge door for misallocation of funds. Therefore, it is important that organizations develop a policy for General Journal Entry Approval. The reviewers should review the Journal Entry with support and explanation. Again, there needs to be a proper method to store soft or hard copies of the Journal Entry support and related approvals.
- Outsourcing of Payroll: It is now almost a forgone conclusion to process Payroll through on outside service provider (for instance, ADP, Ceridian, Payweb etc). This is definitely more cost effective and creates huge efficiencies on a weekly, monthly and particularly annual basis when it comes to producing T4’s etc. However, approval processes have tended to breakdown as a result of outsourcing payroll. This opens another door for misallocation of funds by the person responsible for inputting the payroll. A control needs to be in place where a person charged with governance review and approve with signature the each Payroll Registers. These review and approvals can be done through emails and the approved document saved in hard or soft copy.
- Fund-raising Events and Silent/Live Auctions: Holding fundraising events are frequently a life-line for Not-for-Profit organizations and helps to raise funds for the organization in general or a Special Purpose. These events could consist of Admission fees, raffles, drink and food sales and silent/live auctions. A considerable amount of time and effort goes into planning these events and there tends to be large amounts for funds raised. However, we have found that once the events are over there is frequently not a proper set of controls to ensure that the various sources of funds are collected, deposited to the bank and recorded properly in the organization’s accounting records. For instance, we found one organization which held a live auction and had several stations to process credit cards. One of the credit card stations was not closed off properly and therefore the funds over $10,000 were never collected. We cannot stress how important it is to have a financial control process in place from the beginning of the planning of an event and ensure that finance personal attend the events to oversee the controls.
- Regular Financial Reporting to the Board: It may seem obvious, however, we have found that some organizations have moved away from a stringent process of presenting a regular (usually monthly or quarterly) financial package to the Board. This may have happened due to time constraints, improper financial guidance and governance, funding cutbacks or many other reasons. If anything, it is important that the Board review and approve Financial Reports regularly. This is an overriding control which, if the review is done properly, will reveal financial irregularities, negative financial trends or other important information to the Board.
- Financial Professional on the Board: We frequently see Boards where the Treasurer does not have a financial background. This tends to create a problem when it comes to fulfilling the needs of the Treasurer role which has many requirements such as review of Financial Reports, Approval of Documents, Approval of payments, Overseeing the audit and Development of proper financial governance policies (such as many of the items we have previously discussed). A person without a financial background is not properly trained to fulfil these responsibilities and, as a result, the organization could be weakened. Recruiting a financial professional to your Board could be very easy by just asking your auditor for a referral or contacting CPA Canada or CPA Ontario…or just asking around through your network. There are many well-qualified CPA’s looking for volunteer Board positions. We encourage you not to shortchange your Board by not recruiting an experienced person.
To this end, we hope that we have provided some insights into the various areas that we have seen weaknesses or potential weaknesses we have seen during our 2015 Audit Season. Hopefully, these might help with your own Not-for Profit. We would be pleased to chat with you regarding concerning any of the items that we have discussed and how these might apply to your organization.
Written by: Kathy Steffan CPA CA, Partner, Welch LLP [email protected]
Contributions by:Virginia Lackey CPA CA CIA, Director of Assurance and Senior Manager, Welch LLP [email protected]
Tri Huynh CPA CA, Manager, Welch LLP [email protected]