Sarbanes-Oxley Act of 2002

From Guidelines & Principles
Revision as of 17:27, 24 December 2018 by NonprofitAM (Talk | contribs)

Jump to: navigation, search

The Sarbanes-Oxley Act was signed into law on July 30, 2002. Passed in response to the corporate and accounting scandals of Enron, Tyco, and others of 2001 and 2002, the law's purpose is to rebuild public trust in America's corporate sector. The law requires that publicly traded companies adhere to significant new governance standards that broaden board members' roles in overseeing financial transactions and auditing procedures.[1]

While nearly all of the provisions of the Act apply only to publicly traded corporations, the passage of the bill served as a wake-up call to the entire nonprofit community. Indeed, several state legislatures have already passed or are considering legislation containing elements of the Sarbanes-Oxley Act to be applied to nonprofit organizations. In many instances, nonprofit organizations have adopted policies and altered governance practices in response to the Act.[2]

Nonprofit leaders should look carefully at the provisions of Sarbanes-Oxley, as well as their state laws, and determine whether their organizations ought to voluntarily adopt governance best practices, even if not mandated by law. This report will review those provisions and assess their relevance to nonprofit organizations.[3]

Independent Audit Committee

SEE ALSO: AUDITS

The Sarbanes-Oxley Act requires that each member of a company’s audit committee be a member of the board of directors and be independent. “Independence” in the Act is defined as not being part of the management team and not receiving any compensation (either directly or indirectly) from the company as a consultant for other professional services, though board service may be compensated.

While not all nonprofits conduct outside audits, most nonprofit boards have established one or more financial committees (e.g., finance, audit, and/or investment). In those organizations that undertake annual audits, particularly medium to large nonprofit organizations, the board is likely to have a separate audit committee or subcommittee.

Conflict of Interest Policy (Insider Transactions)

From the Independent Sector:

"Nonprofits are currently highly regulated with respect to financial transactions that take place within the organization. Private inurement, excessive personal benefit, and self dealing all cause serious penalties for any nonprofit that steps out of line. “Intermediate sanctions” laws specifically address compensation and excess benefit transactions with “disqualified” individuals, generally board members and executive staff. Because the practice of providing loans to nonprofit executives has been a source of trouble in the past and because this practice is specifically prohibited under Sarbanes-Oxley and in some states, it is strongly recommended that nonprofit organizations not provide personal loans to directors or executives."[4]

From the National Council of Nonprofits: "A policy governing conflicts of interests is perhaps the most important policy a nonprofit board can adopt. To have the most impact, the policy should be in writing and the board (and staff) should review the policy regularly. Often people are unaware that their activities are in conflict with the best interests of the nonprofit so a goal for many organizations is to simply raise awareness and cultivate a “culture of candor.” It is helpful to take time at a board meeting annually to discuss the types of situations that could result in a conflict between the best interests of the nonprofit – and the self-interest of a staff member or board member.

A conflict of interest policy should (a) require those with a conflict (or who think they may have a conflict) to disclose the conflict/potential conflict, and (b) prohibit interested board members from voting on any matter that gives rise to a conflict between their personal interests and the nonprofit’s interests. Beyond those two basics, it is helpful for each nonprofit to determine how conflicts at the board and staff level will be managed. Keep in mind that the revised 990 asks not only about whether the nonprofit has a written conflict of interest policy, but also about the process that a nonprofit uses to manage conflicts as well as how the nonprofit determines whether board members have a conflict of interest."[5]

Document Retention Policy

From the National Council of Nonprofits:

"The Sarbanes-Oxley Act’s prohibition of the destruction of documents that are subject to review in litigation provides an additional rationale for every nonprofit adopting a document retention policy. This will create a regular business practice of systematic document destruction in accordance with an approved schedule. Having a written policy, and regular business practice of document destruction according to a schedule, lets people know what documents to retain (and for how long). Such a policy is not only a prudent practice but also sound risk management.

The process of developing a document retention policy involves: (1) Identifying what types of paperwork (and electronic files) your nonprofit generates; (2) Determining the appropriate (and legal) length of time to retain them; and (3) Recording those retention times on a written schedule.

Unfortunately there is no one regulation or guideline that governs document retention for all nonprofits. Laws relating to document retention are state-specific in many cases (such as those governing employment/payroll). In some cases the length of time to retain a document should be governed by the time period that a potential claimant has to bring a claim in that state, which can differ from state to state. Also, many nonprofits, particularly those engaged in providing health-care services or those serving minor children, are subject to retention requirements that are specific to, or prudent for, the services they provide."[6]

Whistleblower Protection Policy

From the Center for Nonprofit Excellence:

"The Sarbanes-Oxley Act provides protections for whistle-blowers and imposes criminal penalties for actions taken in retaliation against those who risk their careers by reporting suspected illegal activities in the organization. It is illegal for any entity — for-profit and nonprofit alike — to punish the whistle-blower in any manner.

Written policies that are vigorously enforced by executive staff and the board send a message that misconduct is not tolerated. These policies should cover any unethical behavior within the organization — including sexual harassment.

Each organization must develop procedures for handling employee and volunteer complaints, including the establishment of a confidential and anonymous mechanism to encourage employees and volunteers to report any inappropriateness within the entity's financial management. No punishment for reporting problems — including firing, demotion, suspension, harassment, failure to consider the employee for promotion, or any other kind of discrimination — is allowed. Even if the claims are unfounded, the organization may not reprimand the employee. The law does not force the employee to demonstrate misconduct; a reasonable belief or suspicion that a fraud exists is enough to create a protected status for the employee."[7]

Resources & Sample Documents

Sarbanes-Oxley General

GuideStar: Sarbanes-Oxley Act and Implications for Nonprofits

IRS.gov: Governance and Tax Exempt Organizations

Conflict of Interest Policy

National Council of Nonprofits Conflict of Interest

Blue Avocado Nonprofit Conflict of Interest: A 3-Dimensional View

Nonprofit Risk Management Center: Resources for Developing or Revising Conflict of Interest Policies

Sample Conflict of Interest Policies

Nonprofit Risk Management Center Sample Conflict of Interest Policy and Other Resources (Word Doc)

IRS.gov Sample Conflict of Interest Policy

Document Retention Policy

National Council of Nonprofits: Document Retention Policies

BlueAvocado.com: Sample Document Retention Policy

Charities Review Council: Sample Document Retention Policy

Nonprofit Resource Center: Sample Document Retention Policy

Whistleblower Protection Policy

BlueAvocado.com: Sample Whistleblower Protection Policy

National Council of Nonprofits: Whistleblower Protections for Nonprofits

Articles

Sarbanes-Oxley: Ten Years Later | Nonprofit Quarterly | December 30, 2012

Notes

  1. http://www.councilofnonprofits.org/sites/default/files/Implications%20of%20the%20Sarbanes%20Oxley%20Act%20for%20Nonprofits.pdf
  2. http://www.councilofnonprofits.org/sites/default/files/Implications%20of%20the%20Sarbanes%20Oxley%20Act%20for%20Nonprofits.pdf
  3. http://www.councilofnonprofits.org/sites/default/files/Implications%20of%20the%20Sarbanes%20Oxley%20Act%20for%20Nonprofits.pdf
  4. http://www.independentsector.org/uploads/Accountability_Documents/sarbanes_oxley_implications.pdf
  5. http://www.councilofnonprofits.org/conflict-of-interest
  6. http://www.councilofnonprofits.org/document-retention-policies
  7. http://www.centerfornonprofitexcellence.org/files/SarbanesOxley.BoardSource.pdf