Somehow, all the publicity about Sarbanes Oxley made it seem as if this legislation applied to nonprofits, too. But contrary to what is frequently thought (and said in nonprofit boardrooms!), Sarbanes-Oxley is not applicable to nonprofits, albeit with just a couple of exceptions. In other words, there are a couple of small points to note (templates later in this article), a lot to relax about, and a lesson to be learned in nonprofit leadership.
You may remember that this multi-component legislation (nicknamed SOX) was passed by the U.S. Congress in 2002 in response to a large number of for-profit scandals involving Enron, Tyco, WorldCom, Arthur Anderson, and others. Extreme fraud, conflicts of interest on boards, unethical executive compensation practices, and improper auditing led to the failure of these mega-companies and deep, negative impacts on consumers, shareholders, employees, and many other individuals and institutions.
In response, Sarbanes-Oxley set in place a number of required processes for publicly held corporations (corporations that issue stock to the public), of which the best known may be the requirement that the CEO personally vouch for the accuracy of financial statements and that the external audit firm be different from the firm providing financial consulting.
There are only two aspects of Sarbanes-Oxley that are applicable to nonprofits:
- Strengthened whistleblower protection and
- Retention of documents related to lawsuits
The new Form 990 also asks whether you have policies related to these two areas, making it more important to get them adopted. To make it easy, nationally recognized attorney Tom Silk of Silk Nonprofit Law has created model policies in each of these areas, and made them available at no charge to the nonprofit community through CompassPoint Nonprofit Services. Blue Avocado is pleased as well to be able to present these for use by nonprofits. See the end of this article for links to these templates.
Perhaps the most intriguing aspect of Sarbanes-Oxley is that many of the provisions it mandated for for-profit businesses were already common, nearly universal practices in nonprofits, including:
- Requirement that the audit committee be comprised of board members
- Requirement that audit committee members not be on staff, and
- Prohibition of loans from the organization to board members.
Although Sarbanes-Oxley was not aimed at nonprofits and its key provisions are already widely practiced in nonprofits, some voices in the nonprofit sector saw the law’s passage as a wake-up call for nonprofits to adopt a variety of governance and financial practices. For example, Independent Sector, the national coalition that proposes standards for nonprofit governance, now suggests that nonprofit boards include at least one “financial expert,” and provide “financial literacy training” to all board members. While such practices may be good ideas for some organizations, turning them into requirements would be, for most organizations, defensive, unnecessary moves. (Two whitepapers that explore possible implications are The Sarbanes-Oxley Act and Implications for Nonprofit Organizations from BoardSource and Ten Emerging Principles of Governance of Nonprofit Corporations and Guides to a Safe Harbor by Tom Silk.)
The bottom line for nonprofits and Sarbanes-Oxley?
A. Adopt and implement a whistleblower policy.
B. Adopt and implement a document retention policy
C. Consider formalizing such non-required practices such as:
- If you have an audit committee, have it comprised of board members who are not also on staff, and if you are audited but don’t have an audit committee, consider forming such a committee or task force
- Prohibit loans from the organization to board members (some states’ corporate laws prohibit this)
- If you have a financial consulting firm, choose one that is different from your auditing firm
- Have the full board approve compensation for the executive director and the top staff financial officer
- Adopt an Ethics or Conflict of Interest Policy
Upcoming issues of Blue Avocado will discuss Ethics and Conflict of Interest Policies and include Model Policies. See also:
- Model Document Retention Policy for Nonprofits by Tom Silk
- Is It Time for an Audit? by Jeanne Bell
Special thanks to attorney Michael Schley and CPA Steve Zimmerman for assistance on this article as well as to the brilliant and generous Tom Silk. This article is adapted from The Best of the Board Cafe, Second Edition, published by Fieldstone Alliance in the fall of 2009. Click here to order.