INTEGRATED RISK MANAGEMENT AND GOVERNANCE

Nonprofit organizations can use their governance structures to prevent decisions of individual leaders and managers from leading an organization off the cliff. It is a responsibility of the board of directors to ensure that the decisions that are made and actions that are taken do no generate avoidable risks with potential to dissolve the organization. For example, the board can create a risk-management committee to oversee the risk-management process. The creation of a risk-management committee makes a statement that an organization does not intend to address risks in an informal manner. However, a risk-management committee can be effective only if empowered by the board to consider all aspects or facets of risks within an organization and make recommendations for actions to the board. Specific responsibilities of the risk-management committee will include, but are not limited to,

- Preparing risk management policies and plans

- Establishing procedures for the implementation of risk-management plans

- Establishing procedures for safety inspections

- Establishing and monitoring inspection schedules

- Developing contingency plans for crisis management

- Reviewing insurance policies of the organization for their adequacy

- Developing continuing-education programs for risk awareness

- Recommending best practices for risk prevention and management

- Making recommendations to the board on all matters related to risks involving the organization

COMMON AREAS OF RISKS FOR NONPROFIT ORGANIZATIONS

Special events and other fund-raising activities tend to be the most common areas of risk for nonprofit organizations. A nonprofit can be at risk on several different levels regarding both individual fund-raising and fund-raising through special events. The potential of risk is great when a nonprofit organization gathers together a lot of people. An accident can erase any funds generated by a nonprofit organization. No matter how well planned, the event can be a disaster if anything goes wrong. To prevent this, there should be an event director, a committee, whenever possible, devoted to planning, directing, and managing every logistical detail to ensure that continuous communication is taking place.

Not all fund-raising is done through major events. In fact, most nonprofits count on individual donors for the majority of their revenue generation. Many organizations rely heavily on their volunteers to take on formal responsibilities, such as when they accept the role of board member, as well as driving many of the programs and fund-raising efforts. Understaffed and overworked nonprofits tend to accept volunteers—who may be no more than warm bodies—and put them to work on projects and programs. This can lead to incredible risk if there is no vetted process to ensure that volunteers meet a certain criteria. Insufficient internal controls, programs that continuously run at a deficit or ineffective fund-raising activities can all put the organization at risk. Costly and inefficient programs can also put the organization in a dangerous financial situation as can fund-raising activities that are not carefully managed and measured.

RISK AND ACCOUNTABILITY ISSUES

Nonprofit organizations must comply with all legally required reporting procedures. They have an obligation to use resources responsibly toward achieving the mission of the organization and to benefit the community. They have a responsibility to establish and regularly determine clear performance measurements and to share those results with the public. They have a responsibility to adhere to established industry standards that apply to particular areas of activity. However, there is a risk that fraud, corruption, or lack of internal monitoring can negatively affect the assets of a nonprofit organization.

What is fraud? According to Miriam-Webster's Dictionary of Law, fraud is "any act, expression, omission, or concealment calculated to deceive another to his or her disadvantage" (Figure 16.1).

Anatomy of fraud: Fraud exists if:

- A statement is materially false

- Knowledge that the statement is false when made

- A victim relies on the statement

- The victim suffers damages as a result of relying on the false statement See Figure 16.2 for a depiction of the anatomy of fraud.

For example, during the past 3 months, Erin never worked for more than 20 hours per week, because of a change in her class schedule. In her time sheet, she reported that she worked for 40 hours per week. The administrative director found out, and fired Erin's

FIGURE 16.1 Definition of fraud.

Source: Merriam-Webster (1996).

FIGURE 16.2 Anatomy of fraud.

supervisor for complicity. Would you consider that as fraud? Of course, it is. There was a materially false statement made. Erin worked for 20 hours, but stated that she worked for 40 hours. There is no doubt that such a statement is materially false. Erin knows how many hours she worked. Therefore, she had the knowledge that the statement was false when she submitted her time sheet. Erin's supervisor relied on that false statement to process payroll. Her supervisor suffered damages as a result of her false statement. This is clearly a fraud.

What is corruption? Corruption is the use of public or community trust for personal gain. Corruption can occur in the form of a bribe, reward, extortion, or conflict of interest (Figure 16.3).