The Sarbanes-Oxley Act of 2002 (SOX) was a response to widespread corruption/fraud by publicly-traded US corporations at the time – WorldCom, Enron, etc. This legislation was not intended to apply to nonprofits but several states attempted to pass similar legislation. In 2005, discussions began regarding whether federal legislation was necessary. It was decided that the IRS would apply pressure on nonprofits by including certain requirements in the 2009 IRS form 990 filed annually.
Original SOX principles 2002
Sarbanes-Oxley imposed high standards of ethical and fiduciary responsibility for publicly-traded corporations. These measures were meant to improve public confidence in the integrity of American corporations. New requirements included board integrity, auditor independence, retention of audit firm for other work, board audit committee, record retention, financial statement review, and insider transactions and disclosure. Criminal penalties for misconduct were added for certain infractions.
Changes in form 990 for 2008 fiscal year
The new form includes sweeping changes from the old, financial-intensive 2007 form. First, there is a phase-in period for the 990-EZ form small organizations must file and who are assumed to have the most to change. The 990 is longer but there are less financial questions and more attention to governance, policies, executive compensation and prohibited transactions. Further, there is more attention to establishing a connection between significant expenditures and the original purpose of the organization or mission statement, new and not a part of the original SOX legislation therefore addressing nonprofits head on.
What about enforcement?
See the June 2009 remarks by Sarah Hall Ingram, IRS Commissioner on June 23rd to Georgetown University, for more insight into future plans for IRS enforcement strategies. Ms Ingram provides a clear outline of IRS plans for nonprofit compliance audits at Sarah Hall Ingram remarks.
(New) Written policies
Nonprofits are asked on the 990 about (and encouraged to have) the following policies: conflict of interest, whistleblower protection, document retention especially when facing a lawsuit, and how executive compensation is set.
Nonprofit steps to minimize risk
Considering where the IRS is headed and the sweeping changes of the 990, some board action is warranted. Most of these strategies would be a part of any sound, professionally run nonprofit. I suggest the following:
- Focus on accomplishing your social mission using measurable outcomes;
- Ensure that the largest program expense areas can be tied to achievement of the organization’s mission;
- Research the required content in the following policies and then adhere to them consistently:
- Conflict of interest
- Whistle-blower protection
- Document retention during pending lawsuits
- Independent review of CEO compensation
- Obtain a periodic, third party expert market review of executive compensation, document this and pay reasonable salaries;
- Board members – should make meaningful procedural inquiries about internal financial controls;
- Prepare accurate financial statements, on time;
- Maintain an independent Audit Committee separate from the Finance Committee, with at least one audit expert member; and
- Ensure that an annual financial audit is carried out by reputable, experienced accounting firm and do not use this firm for regular management consulting bid this contract out periodically.
Hall Ingram, Sarah, Nonprofit Governance – the View for the IRS, June 23rd 2009; IRS Overview of form 990 Redesign for Tax Year 2008; IRS Form 990 2008 (The 2008 form was first filed at the end of the 2009 fiscal year)