• +263 242 306 315

Blog Description

blog

Internal Controls for NGOs

Posted on 18 November, 2022 at 15:59

The main reasons why organisations overlook internal controls; ignorance of the required control and mutual trust where personnel assumes everyone is properly executing their roles.

 Internal controls refer to the policies, processes, tasks, behaviours, and other aspects of an organisation that are taken together to facilitate effective operation by enabling it to respond in an appropriate manner to significant business, operational, financial, compliance, and other risks to achieve its objectives. Internal controls ensure the quality of internal and external reporting, which in turn requires the maintenance of proper records and processes that generate a flow of timely, relevant, and reliable information from both internal and external sources. They also ensure compliance with applicable laws and regulations and also with internal policies.”

Most NPOs have boards that are responsible for ensuring that appropriate internal controls are in place. In some cases, the directors may consider it prudent to establish a dedicated internal control function. The point at which this decision is taken will depend on the extent to which the benefits of function will outweigh the costs. The directors must pay due attention to the control environment. If internal controls are to be effective, it is necessary to create an appropriate culture and embed a commitment to robust controls throughout the organisation.
Controls can be categorised in many different ways. Figure 1 described five categories that are often used.

The components of internal control

  1. Control environment

              Leadership can influence controls by,


Setting the right tone at the top

Leadership needs to lead by example. Leadership should not be exempt from internal control activities, for example, they should submit receipts for approval.
 

  • Creating a culture of financial discipline

Policies and procedure manuals should be monitored regularly by the leadership. For example, budgets should be approved by the Board and regularly monitored by leadership.

  • Promoting transparency

Leadership should promote and encourage an open and transparent environment. For example, to promote transparency policies like the whistle-blower policy, a conflict of interest policy should be established
 

  • Policies and procedures

Procedures are specific tasks and measures developed and implemented by management.
Policies are resolutions adopted by the Board
Some of the policies that are critical and that reduce risk are as follows:

Risk assessment process This component deals with how the organisation assesses the risks which face the organisation and how they should be addressed.
The risk assessment process involves:

  • identifying business risks relevant to financial reporting objectives
  • assessing the likelihood and frequency (occurrence) of risks identified
  • estimating the potential impact (significance of) if the risk was to occur
  • deciding about actions to address the risks

In a large organization, the risk assessment procedures may be very formal and specific, and the following are very common;

  • the appointment of risk committees and risk officers
  • the engagement of external risk consultants
  • the use of risk models
  • regular meetings at divisional, departmental and sectional levels to consider the risks at those levels.
  • strategy meetings involving senior management to assess risk at an overall level.  

  • Control Activities

These are the actions, supported by policies and procedures which are carried out to manage or reduce the risks that the objectives of the organization will not be met.
There are numerous control activities with different objectives and which are applied at different organizational levels and functions. Control activities are listed as follows:

  • procedures supported by policies
  • approval, authorization
  • segregation of duties
  • comparisons and reconciliations

  • Monitoring of controls?

The final component of internal control is monitoring. This involves the assessment of internal control performance over time. Management sets up internal controls with the intention of reducing the risks that the organisation’s objectives will not be met. Monitoring is the component of the process which tells management how they are doing. Successful monitoring is achieved by ongoing assessment by management itself, supervisory staff such as department heads, or “independent” bodies such as internal audit or risk committees.
Monitoring of the internal control process is not only about determining whether the control activities are actually taking place but, also about determining whether the controls are effective.
It is important for organisations to put in place controls that are effective to enable the organization to achieve its objectives. It is more important for organisation to have Standard Operating procedures and Policies this will ensure internal controls are more efficient in the organisation.

Over the years KFM Consultants has assisted Non Profit Organizations (NPOs) to ensure that their financial management, governance and sustainability policy adequately and efficiently addresses challenges and reduces risks. This in turn enables NPOs to achieve their goals, be accountable to and gain the confidence of funding partners and other stakeholders.

  • +263 242 306 315
  • 7 Flushing Close, Mabelreign, Harare, Zimbabwe
Copyright © | Designed And Developed By: NMap Technologies
NMap Technologies