Internal controls help NGOs handle everyday risks of mistakes, confusion or fraud. They also protect staff from any pressure to mis-use funds and from the suspicion of wrong-doing
"It is better to have procedures in place to deter theft and fraud than one to discover it."
Internal controls are designed to ensure:
- Safeguarding of assets
- Prevention and detection of fraud or error
- Accounting records are accurate, complete and up-to-date
- Compliance with relevant laws and restrictions
- Employees are protected - from themselves and each other
There are two important aspects of an internal control system: the control environment, and the control procedures that take place within that environment.
The control environment includes the management style, organisational values and culture. Do management lead by example? Is recruitment done fairly, or is there nepotism? Is priority given to induction, training and internal audit? Are procedures written down and shared?
You can have the best designed control procedures in the world, but in a poor control environment they simply won’t be effective.
Nearly all internal control procedures fall into one of seven categories:
- Physical verification – cash counts, asset verification and stock counts
- Limited access – locks, passwords and bank signatories
- Standard documents – standard formats for receipts, payment vouchers, requisitions, local purchase orders, travel allowance sign sheet etc
- Segregation of duties – making sure not one person can carry out a transaction from beginning to end, no self review or self authorisation. We see this in action in a Procurement process.
- Checks and balances – Balancing the manual cashbook, double entry controls over accounting records, reviewing the bank reconciliation
- Approval and authorisation – budget holders approval of payments, Board authorisation for asset disposal etc
- Reconciliation – Comparing bank statement and cashbook, agreeing a statement from a supplier to your own records
Remember the building blocks
Think back to the building blocks of effective financial management at the start of this section. Internal controls is one building block, but the others also act as controls.
Checking the budget before making payments is an important control over spending
Transparent book keeping is an important control against fraud
Reviewing financial reports is an important control to detect errors and inconsistencies
Like all organisations, NGOs also face the risk of fraud. Prevention is better than cure! But if you detect it, be sure to act!
See some example fraud policy manuals
NGOs have to be flexible and make decisions at the local level. Procedures have to balance (a) keeping control with (b) encouraging flexibility.
Assess your own internal controls using Mango’s Health Check
Mango's Accounting Pack - the user Guide has a detailed description of various types of controls.
See also examples of controls over particular areas (bank, cash, fixed assets etc).