Retention of documents related to lawsuits is one of only two provisions of Sarbanes-Oxley that are applicable to nonprofits. Nationally recognized nonprofit attorney Tom Silk wrote this Model Document Retention Policy on a pro bono basis for CompassPoint Nonprofit Services to use and to make available for all nonprofits.
This document management policy is designed to conform with the charitable laws of states which, like California, given the Attorney General an unusually long statute of limitations (10 years) within which to bring an action for breach of charitable trust.
Three items to note in particular:
- First, think about this as part of document management, rather than simply document retention; holding on to documents too long is an unnecessary expense.
- Second, there may be some documents that are worth saving for the community’s sake or for the sake of clients that go beyond these legal guidelines.
- And third, remember that e-mail messages are documents that should conform to these guidelines.
Document Management Policy
For each document, add its location or where it is stored.
- Accounts payable ledgers and schedules: 10 years
- Accounts receivable ledgers and schedules: 10 years
- Audit reports of accountants: Permanently
- Bank statements: 10 years
- Capital stock and bond records: ledgers, transfer payments, stubs showing issues, record of interest coupon, options, etc.: Permanently
- Cash books: 10 years
- Checks (canceled, with exception below): 10 years
- Checks (canceled, for important payments; i.e., taxes, purchase of property, special contracts, etc. [checks should be filed with the papers pertaining to the underlying transaction]): Permanently
- Contracts and leases (expired): 10 years
- Contracts and leases still in effect: Permanently
- Correspondence, general: 4 years
- Correspondence (legal and important matters): Permanently
- Depreciation schedules: 10 years
- Donation records of endowment funds and of significant restricted funds: Permanently
- Donation records, other: 10 years [Note: Donation records include a written agreement between the donor and the charity with regard to any contribution, an email communication or notes of or recordings of an oral discussion between the charity and the donor where the representative of the charity made representations to the donor with regard to the contribution on which the donor may have relied in making the gift.]
- Duplicate deposit slips: 10 years
- Employee personnel records (after termination): 7 years
- Employment applications: 3 years
- Expense analyses and expense distribution schedules (includes allowance and reimbursement of employees, officers, etc., for travel and other expenses: 10 years
- Financial statements (end-of-year): Permanently
- General ledgers and end-of-year statements: Permanently
- Insurance policies (expired): Permanently
- Insurance records, current accident reports, claims, policies, etc.: Permanently
- Internal reports, miscellaneous: 3 years
- Inventories of products, materials, supplies: 10 years
- Invoices to customers: 10 years
- Invoices from vendors: 10 years
- Journals: 10 years
- Minute books of Board of Directors, including Bylaws and Articles of Incorporation: Permanently
- Payroll records and summaries, including payments to pensioners: 10 years
- Purchase orders: 3 years
- Sales records: 10 years
- Scrap and salvage records: 10 years
- Subsidiary ledgers: 10 years
- Tax returns and worksheets, revenue agents’ reports, and other documents relating to determination of tax liability: Permanently
- Time sheets and cards: 10 years
- Voucher register and schedules: 10 years
- Volunteer records: 3 years
Warning: All permitted document destruction shall be halted if the organization is being investigated by a governmental law enforcement agency, and routine destruction shall not be resumed without the written approval of legal counsel or the Chief Executive Officer.
[Note: this language, which is not typically included in document management policies from accounting firms, provides important additional guidance and protection for the organization.]
Note that organizations that see patients or clients may also have special document retention and privacy policies related to patient and client information.